Mimecast Web Security: Activity Report

Document created by user.oxriBaJeN4 Employee on Aug 6, 2018Last modified by user.oxriBaJeN4 Employee on Oct 1, 2018
Version 11Show Document
  • View in full screen mode

This guide describes the Mimecast Web Security Activity Report that displays a log of all DNS and URL requests in real-time, allowing administrators to easily track user activity within the organization.

 

Accessing the Activity Report 


To access the Activity Report:

  1. Log on to theAdministration Console.
  2. Click on theAdministration menu item. A drop down menu displays.
  3. Click on the Web Security | Activity Report menu item.
  4. The details displayed in the activity log are described below:
    ColumnDescription
    UserThe user who the request came from.
    Source IPThe source IP the request came from.
    RequestThe URL or domain of the site the user attempted to access.
    CategoryThe category of the request. View the "Category Filtering Policies" section of the Mimecast Web Security: Configuring Policies page for the full list of categories.
    ActionDisplays the action taken on the request.
    CreatedDisplays the time of the request.
If the Administrator does not require login to the Mimecast Security Agent (MSA), and the user has not logged in or they are using a cloud only setup, they are considered unknown and left blank in the "User" column. Log entries left blank under the "Category" column are often reverse DNS lookups and are expected. Reverse lookups almost always contain a "Request" which contains "in-addr.arpa".

Customizing the Activity Report 

 

You can customize the data displayed and filter search results with the following features:

 

Searching Data

 

Searching Activity ReportTo search for particular activity:

  1. Enter known details in the Search field.
  2. To optionally filter the results of your entered search text, click on the All pull down menu and select one of the following:
    • User: Searches for users.
    • Source IP: Searches the source IP where the request came from.
    • Request: Searches the URL or domain request.
  3. Press the Enter key, or click on the magnifying glass icon. Your results display.

Customizing FiltersApplying Action and Category Filters

 

To filter activity by action (block or allow) or category (the type of site):

  1. Click on the Filters drop down menu.
  2. Check the boxes of the filters you wish to display. 
  3. Alternatively, if there are only a few options you wish to exclude, click on the Select all link and then deselect the unwanted options.
  4. Click on the Apply button. 

 

Customizing the Display

 

To show activity within a certain date range:

  1. Click on the Date Range drop down menu.
  2. Select a date range to apply to the data (from the past 24 hours to the past 90 days). 

 

To customize the columns displayed:

  1. Click on the Settings settings icon in the far right corner of the logs.
  2. Check the boxes of the columns you wish to view.
  3. Click on the Apply button. 

 

See Also...

 

Attachments

    Outcomes