Contents

Application Usage Report

The Application Usage report shows a summary of application usage data for allowed connections. The report includes TCP-UDP-Proxy incoming and outgoing connection transaction data, when available.

This report is available only if log messages with data for this report exist in the specified time frame. To make sure that your Firebox sends log messages required to generate this report , follow the steps to Enable Logging for this Report.

How to Use this Report

This report can help you analyze how applications use your network resources. Here are some ways to use this report:

  • Select the Top Users pivot sorted by Bandwidth to identify which users consume the most bandwidth on your network. In the Authenticated User column, click arrows next to user names to show which applications they use.
  • Select the Application (User) pivot sorted by Bandwidth to identify which applications consume the most bandwidth on your network. In the Application column, click arrows next to applications to show the names of the top users.

View the Report

This report is available in WatchGuard Cloud and in Dimension.

Pivots

You can use pivots to change the view of the data on the report.

To switch to a different view, select a pivot from the drop-down list above the report.

This report includes these pivots:

Application (User)

Summary of the applications with the most users, by user name.

Application (Host)

Summary of the applications with the most users, organized by host name.

Top Hosts

Summary of the top hosts on the network, organized by application.

Top Users

Summary of the top users on the network, organized by application.

Detail View

To view a detailed report of all connections used by applications on your network, click the View Details link at the top of the report.

Screen shot of View Details link in a report

The Application Usage Detail report includes a row for each connection used by an application on your network:

Column Description
Event Time Date and time that an application event occurred
Client IP address of the client device.
Source IP address of the traffic source.
Destination IP address of the traffic destination.
Policy Name of the Firebox policy that examined the traffic.
Protocol Protocol used to send the traffic.
Category Application Control category the application is assigned to.
Application Application type or name.
Disposition The action taken by the Firebox for this traffic, such as Allowed or Denied.
Bytes (MB) Amount of data in MB.
Hits Number of hits.

Enable Logging for this Report

To collect the data required for this report:

  • In the Logging and Notification settings for all packet filters, select Send a log message for reports. For more information, see Set Logging and Notification Preferences.
  • In the General Settings for all proxy actions, select Enable logging for reports.

See Also

WatchGuard Cloud Device Reports

Give Us Feedback  ●   Get Support  ●   All Product Documentation  ●   Technical Search