S
ECTION
1: P
RODUCTIVITY
R
EPORTS
U
SE
D
RILL
D
OWN
R
EPORTS
FOR
AN
INVESTIGATION
M86 S
ECURITY
E
VALUATION
G
UIDE
19
•
Category
- Displays the category name (e.g. “Alcohol”).
•
User IP
- Displays the IP address of the user’s machine (e.g. “200.10.101.80”).
•
User
- Displays any of the following information: username, user IP address, or
the path and username (e.g. “logo\admin\jsmith”).
•
Site
- Displays the URL the user attempted to access (e.g. “coors.com”).
•
Filter Action
- Displays the type of filter action used by the Web Filter in
creating the record: "Allowed", "Blocked", "Warn Blocked" (for the first warning
page that displayed for the end user), "Warn Allowed" (for any subsequent
warning page that displayed for the end user), “Quota Blocked” (if a quota
blocked the end user), "X-Strike", or "N/A" if the filter action was unclassified at
the time the log file was created.
•
Content Type
- Displays the method used by the Web Filter in creating the
record: “Search KW” (Search Engine Keyword), “URL KW” (URL Keyword),
“URL”, “Wildcard”, “Https High” (HTTPS Filtering Level set at High), “X-strike” (X
Strikes Blocking), “Pattern” (Proxy Pattern Blocking), “File Type”, “Https
Medium” (HTTPS Filtering Level set at Medium), or “N/A” if the content was
unclassified at the time the log file was created.
•
Content
- Displays criteria used for determining the categorization of the
record, or “N/A” if unclassified.
•
Search String
- Displays the full search string the end user typed into a search
engine text box in search sites such as Google, Bing, Yahoo!, MSN, AOL,
Ask.com, YouTube.com, and MySpace.com—if the Search Engine Reporting
option is enabled in the Optional Features screen of the System Configuration
administrator console user interface.
Detail Drill Down Report exercise
For the purpose of this evaluation, follow these steps to witness how the Security
Reporter is best in class in terms of the extent of detailed page and object informa-
tion it provides.
Step A: Select a specific user by Category
If not already completed, click the “Page Count” column link for any record in the
Summary Drill Down Report.
Step B: Sort by “Filter Action” column
Clicking the “Filter Action” column header will sort all records by the type of filter
action—whether the event was blocked, allowed or warned. Blocked searches will
be highlighted in red font for easier detection.
Step C: Full URL review
The full length URL of every Internet search by the users is listed in the “URL”
column of the detail page information.
To view record data that displays truncated in a column, mouse over the column to
view the entire string of data in the column for a given record:
