Cisco Cisco Content Security Management Appliance M390 User Guide
5-39
AsyncOS 9.0 for Cisco Content Security Management Appliances User Guide
Chapter 5 Using Centralized Web Reporting and Tracking
Web Tracking
Searching for Transactions Processed by Web Proxy Services
Use the Proxy Services tab on the Web > Reporting > Web Tracking page to search web tracking data
aggregated from individual security components and acceptable use enforcement components. This data
does not include L4 Traffic Monitoring data or transactions processed by the SOCKS Proxy.
aggregated from individual security components and acceptable use enforcement components. This data
does not include L4 Traffic Monitoring data or transactions processed by the SOCKS Proxy.
You might want to use it to assist the following roles:
•
HR or Legal manager. Run an investigative report for an employee during a specific time period.
For example, you can use the Proxy Services tab to retrieve information about a specific URL that
a user is accessing, what time the user visited that URL, whether that URL is allowed, etc.
a user is accessing, what time the user visited that URL, whether that URL is allowed, etc.
•
Network security administrator. Examine whether the company network is being exposed to
malware threats through employees’ smartphones.
malware threats through employees’ smartphones.
You can view search results for the transactions recorded (including blocked, monitored, warned, and
completed) during a particular time period. You can also filter the data results using several criteria, such
as URL category, malware threat, and application.
completed) during a particular time period. You can also filter the data results using several criteria, such
as URL category, malware threat, and application.
Note
The Web Proxy only reports on transactions that include an ACL decision tag other than
“OTHER-NONE.
“OTHER-NONE.
For an example of Web Tracking usage, see the
For an example of how the Proxy Services tab can be used with other web reporting pages, see the
.
Procedure
Step 1
On the Security Management appliance, choose Web > Reporting > Web Tracking.
Step 2
Click the Proxy Services tab.
Step 3
To see all search and filtering options, click Advanced.
Step 4
Enter search criteria:
Table 5-13
Web Tracking Search Criteria on the Proxy Services Tab
Option
Description
Default Search Criteria
Time Range
Choose the time range on which to report. For information on time
ranges available on the Security Management appliance, see the
ranges available on the Security Management appliance, see the
User/Client IPv4 or IPv6
Optionally, enter an authentication username as it appears in reports or a
client IP address that you want to track. You can also enter an IP range
in CIDR format, such as 172.16.0.0/16.
client IP address that you want to track. You can also enter an IP range
in CIDR format, such as 172.16.0.0/16.
When you leave this field empty, the search returns results for all users.
Website
Optionally, enter a website that you want to track. When you leave this
field empty, the search returns results for all websites.
field empty, the search returns results for all websites.
Transaction Type
Choose the type of transactions that you want to track, either All
Transactions, Completed, Blocked, Monitored, or Warned.
Transactions, Completed, Blocked, Monitored, or Warned.