Web Audit Report

Applies To: Cloud-managed Fireboxes, Locally-managed Fireboxes

The Web Audit report displays a summary of allowed website traffic for each WebBlocker category and client. The report only includes data for traffic handled by the HTTP and HTTPS proxies.

This report includes data for HTTPS traffic in Dimension v2.1.2 Update 2 or higher.

This report is available when log messages with data for this report exist in the specified time frame. To make sure that your Firebox sends log messages required to generate this report, follow the steps to Enable Logging for this Report.

How to Use this Report

This report can help you better understand web browsing activity on your network. Here are some ways to use this report:

  • Select the Client pivot to see the client computers on your network that account for the most web traffic.
  • Select the Categories pivot to view the most popular website categories visited by your users. If you see categories that you do not want your users to access, such as Gambling sites, configure WebBlocker to deny those categories. For more information, see Configure WebBlocker Categories.

The Private IP Addresses category typically represents traffic between computers on your network.

View the Report

This report is available in WatchGuard Cloud and in Dimension.


You can use pivots to change the view of the data on the report.

To switch to a different view, select a pivot from the drop-down list above the report.

This report includes these pivots:


Summary of the website traffic for connections allowed by proxy rules, by WebBlocker category.


Summary of the website traffic for connections allowed by proxy rules, by client.

Detail View

To view a detailed report of all allowed web traffic connections through your device, click View Details at the top of the report.

Screen shot of View Details link in a report

The Web Audit Detail report includes a row for each website allowed by WebBlocker and shows this information:

Column Description
Event Time Date and time WebBlocker allowed the website
Category WebBlocker category the website is assigned to
Client IP address of the traffic source
Policy Name of the Firebox policy that examined the traffic
Disposition Action taken by the Firebox for this traffic, such as Allowed or Denied
Destination IP address of the website
Hits Number of hits

If the Firebox is unable to connect to WebBlocker Cloud or if the user entered the passphrase for a WebBlocker Override or clicked Accept when a site matched a Warn action, the Category column might show (none) or an empty value ("").

Enable Logging for this Report

Logging for cloud-managed Fireboxes is automatically enabled. For locally-managed Fireboxes, you must manually enable logging in Fireware Web UI or Policy Manager. For more information, see Set Logging and Notification Preferences.

To collect the data required for this report for locally-managed Fireboxes, in Fireware Web UI or Policy Manager:

See Also

WatchGuard Cloud Device Reports List