The Denied Quota report shows information about denied traffic for users who exceed the bandwidth and time quotas configured on the device.
This report is available only if log messages with data for this report exist in the specified time frame. To make sure that your Firebox sends log messages required to generate this report , follow the steps to Enable Logging for this Report.
How to Use this Report
Use this report to see connections the Firebox denies from clients that exceed configured bandwidth and time quotas. These reports can help you identify attempts at excessive usage, or help you understand whether you need to change the quota configuration.
View the Report
This report is available in WatchGuard Cloud and in Dimension.
- Log in to WatchGuard Cloud.
- Select Monitor > Fireboxes.
The Device Manager page appears.
- From the Device Manager list, select a folder or a specific device.
- To select the report date range, click the Calendar .
- From the list of reports, select Device > Denied Quota.
The report appears.
- To see reports for your Fireboxes or FireClusters, select Home > Devices.
The Devices list appears.
To see reports for your groups of Fireboxes, select Home > Groups.
The Groups list appears.
- Select the Name of a Firebox, cluster, or group.
The Tools > Executive Dashboard page appears.
- Select the Reports tab.
- Select Device > Denied Quota.
The report appears.
To view a detailed report of denied packets, click the View Details link at the top of the summary report.
The Denied Quota detail report has a row for each instance of traffic blocked between a source and a destination.
|First Action At||The date and time when the traffic was denied|
|Source||The source of the denied traffic. This is the client that exceeded the quota.|
|Destination||The destination of the denied traffic|
|Attempts||The number of attempts to send traffic between the source and destination|
|Action||Indicates whether the bandwidth or time quota was exceeded|
Logging of denied packets is in enabled in policies by default.
If it is disabled, to enable it again:
- In packet filter policies, select the Send a log message for reports.
- In proxy policies, select Enable logging for reports.
For more information, see Set Logging and Notification Preferences.