What's new with Cloud Reporting?

Updated 1 month ago by admin

The next generation of the Unified Security Service logging platform is known as "Cloud Reporting". During the last quarter of 2022, customers may notice a new "Cloud Reporting" toggle appear in their dashboard. The aim of the Cloud Reporting platform is to migrate data to a regionalised Elasticsearch-powered data lake for faster performance and to support future data analytics features.

Customers will be migrated automatically to Cloud Reporting; however, early migration can be requested by contacting your Service Provider.

This article outlines the changes that have been introduced in the Analytics section with the Cloud Reporting toggle. Continual enhancements will be rolled out automatically.

General

  • Faster querying of large datasets
  • Faster processing of downloads and schedules (see Schedules section below)
  • Pagination - this has been replaced with forward and back navigation, because Elasticsearch/NoSQL works using cursors rather than the concept of paging. In the near future, this navigation will be replaced with an "infinite scroll" experience. As an alternative to paging, consider using more specific time period filters or sorting on columns to see first and last pages.

Web Security

Web Activity (Hits)
  • The "Username" filter has been extended to support a picker, or free-form typing of usernames (press enter to confirm the entry). This is now compatible with UPN style usernames.
  • A new "AD Groups" filter has been added to allow searching of web hits by Active Directory group membership.
  • A new "AD domain" filter has been added rather than having to specify the domain name as part of the "Username" filter.
  • The "MIME Category", "MIME Type" and "Malware" filters have been replaced with "Response Category" and "Response Pattern" filters. These are more generic and will support more scanners than MIME and Malware going forwards.
  • The "Img Certainty (%)" field has been removed.
Web Activity (Visits)
  • This report is under review. It is likely to be replaced in the near future with the option to create a "Summary" report for web hits.
Web Activity by Category
  • This is part of the Extended Web Reports add-on which is End of Life. The report will be replaced in the near future.

Cloud Activity (Inline)

  • The same "Username", "AD Groups" and "AD Domains" filters as described for "Web Activity (Hits)" under Web Security above.
  • New "Baseline Risk" and "Custom Risk" filters to search for SaaS activity by risk level.

Email Activity

  • Added recipient-level delivery status to the "Message Details" window.

Authentication Activity

  • Coming soon

IDaaS Activity

  • Coming soon

Schedules

  • Please recreate your schedules with Cloud Reporting enabled in order to benefit from the new logging platform (recommended)
  • Combined Reports - coming soon

Charts

Web Security
  • Top Allowed Domains
  • Top Allowed Users
  • Top Blocked Domains
  • Top Blocked Malware by Domain
  • Top Blocked Malware by Name
  • Top Blocked Mime Types by Domain
  • Top Blocked Mime Types by Type
  • Top Blocked Users
  • Top Custom URL Categories
  • Top Devices (IP)
  • Top Devices (MAC)
  • Top Device Types
  • Top Domains
  • Top Keyword Categories
  • Top Operating Systems
  • Top Users
  • Top Web Categories
Cloud Application Security (Inline)
  • Top Cloud Application Actions
  • Top Cloud Application Activity
  • Top Cloud Application Classes
  • Top Cloud Application Locations
  • Top Cloud Application Names
  • Top Cloud Application Risks
  • Top Cloud Application Risks (User)
  • Top Users of Cloud Applications
Email Security
  • Email Volume
  • Inbound Email Activity
  • Top Email Actions
  • Top Email Rules
  • Top Final Actions
  • Top Final Rules
  • Top Recipients
  • Top Senders
  • Top Spam Recipients
  • Top Virus Recipients
Cloud Application Security (API), MFA, IDaaS
  • Coming soon

