Proxy activity dimensions

These dimensions are available on the Proxy Activity report. You can organize data based on these dimensions.
Note: You must be an ETP super administrator or a user with a specific permission to view the Proxy Activity report. For more information, see Enterprise Threat Protector roles.
Dimension Description
Domain Domain requested by the user.
Location Indicates the ETP location where the transaction originated from.
Action Policy action that was applied.
Internal Client IP Internal IP address of the user’s machine.
User Name Username of the user who made the request.
Destination IP IP address of the destination (origin) website.
Destination Port TCP or UDP port number of traffic such as port 80 for HTTP traffic and port 443 for HTTPS traffic.
Source IP IP address of traffic. This is likely the IP address that is assigned to a location as a result of Network Address Translation (NAT).
Client Port Port of ETP Client.
Geo Geographical location where responses originate from.
Autonomous System A unique identifier for a network.
HTTP Request Method The action that’s performed during a request.
Reason Indicates why traffic was directed to ETP Proxy. For example, it may indicate that traffic was directed for ETP Proxy as a result of Akamai intelligence (threat lists), Acceptable Use Policy (AUP), or as a result of customer intelligence (custom lists created by administrators).
Onramp Type Indicates how activity was directed to ETP Proxy.
One of these values may appear:
  • dns. Indicates DNS activity was forwarded to ETP Proxy.
  • web. Indicates web (HTTP and HTTPS) request was forwarded to the full web proxy.
  • onramp_dns. Indicates that risky HTTP and HTTPS traffic was forwarded to the selective proxy.
  • etp_client. Indicates the request was directed to ETP Proxy as a result of ETP Client.
  • etp_offnet_client. Indicates the request was directed to ETP Proxy as a result of ETP Client. In this case, ETP Client was off the corporate network.
  • explicit_proxy_tls. Indicates the request was directed to ETP Proxy as a result of an on-premises proxy configuration.
Client Request ID Universally unique identifier (UUID) of ETP Client that’s installed on the machine.
Machine Name Name of the user’s machine.
Groups User group that’s assigned to the user who made the request.
Matched Groups Indicates the users in groups appear in multiple groups.
User ID ID of the user who made the request.
Internal Client Name Internal client name of machine that’s detected by DNS Forwarder.
Dictionaries The specific dictionary that’s used to scan uploaded content for data loss prevention (DLP).
Patterns The pattern in a dictionary that’s used to scan uploaded content for DLP.
File Hash The hash of the uploaded file that’s scanned by DLP.
Application If your organization is participating in the application visibility and control (AVC) beta, this dimension shows the specific web application that is associated with the activity.
Operation If your organization is participating in the application visibility and control (AVC) beta, this dimension shows the specific application operation that is associated with the activity.
Risk If your organization is participating in the application visibility and control (AVC) beta, this dimension shows the risk level that is associated with the activity.