The Web Audit report displays a summary of allowed website traffic for each WebBlocker category and client. The report only includes data for traffic handled by the HTTP and HTTPS proxies.
This report includes data for HTTPS traffic in Dimension v2.1.2 Update 2 or higher.
This report is available when log messages with data for this report exist in the specified time frame. To make sure that your Firebox sends log messages required to generate this report, follow the steps to Enable Logging for this Report.
How to Use this Report
This report can help you better understand web browsing activity on your network. Here are some ways to use this report:
- Select the Client pivot to see the client computers on your network that account for the most web traffic.
- Select the Categories pivot to view the most popular website categories visited by your users. If you see categories that you do not want your users to access, such as Gambling sites, configure WebBlocker to deny those categories. For more information, see Configure WebBlocker Categories.
The Private IP Addresses category typically represents traffic between computers on your network.
View the Report
This report is available in WatchGuard Cloud and in Dimension.
- Log in to WatchGuard Cloud.
- Select Monitor > Fireboxes.
The Device Manager page appears.
- From the Device Manager list, select a folder or a specific device.
- To select the report date range, click the Calendar .
- From the list of reports, select Web > Web Audit.
The Web Audit report appears.
- To see reports for your Fireboxes or FireClusters, select Home > Devices.
The Devices list appears.
To see reports for your groups of Fireboxes, select Home > Groups.
The Groups list appears.
- Select the Name of a Firebox, cluster, or group.
The Tools > Executive Dashboard page appears.
- Select the Reports tab.
- Select Web > Web Audit.
The Web Audit report appears.
You can use pivots to change the view of the data on the report.
To switch to a different view, select a pivot from the drop-down list above the report.
This report includes these pivots:
Summary of the website traffic for connections allowed by proxy rules, by WebBlocker category.
Summary of the website traffic for connections allowed by proxy rules, by client.
To view a detailed report of all allowed web traffic connections through your device, click the View Details link at the top of the report.
The Web Audit Detail report includes a row for each website allowed by WebBlocker and shows this information:
|Event Time||Date and time WebBlocker allowed the website.|
|Category||WebBlocker category the website is assigned to.|
|Client||IP address of the traffic source.|
|Policy||Name of the Firebox policy that examined the traffic.|
|Disposition||The action taken by the Firebox for this traffic, such as Allowed or Denied.|
|Destination||IP address of the website.|
|Hits||Number of hits.|
If the Firebox is unable to connect to WebBlocker Cloud or if the user entered the passphrase for a WebBlocker Override or clicked Accept when a site matched a Warn action, the Category column might show (none) or an empty value ("").
To collect the data required for this report:
- In all WebBlocker actions, select the Log check box for all categories and select the When a URL is uncategorized, Log this action check box. For more information, see Configure WebBlocker Categories.