Proxy tab
- Juan Tomás Alonso Nieto (Deactivated)
Analytics
It is also important for a company to check the users' navigation behaviour. Proxy servers have a very important role in a network, acting as an intermediary for requests from clients seeking resources from other servers. The widgets in this tab draw information from the proxy.all.access table.
Using the time travel option at the top, it is possible to apply a time filter to the widgets in the tab in order to inspect activity at an earlier date. You can select a single day by clicking a day in the heat calendar widget. For instance a day with an especially high amount of traffic. Then select Apply interval and all widgets will be updated immediately.
Alternatively, you can select either a single day or a time period using the time travel filter controls. There are buttons for selecting recent periods or calendar controls to select specific dates.
Proxy traffic evolution
You can check the proxy traffic history through a heat calendar that shows the daily amount of proxy traffic over the last 12 months. The line chart next to it shows proxy traffic over the last 24 hours.
User behavior
Select the Expand section option to see the following widgets:
Users by accessed hosts
The Voronoi diagram is a breakdown of users grouped by hosts over the period specified.
Most accessed remote hosts
This table below shows a count of users with the hosts they accessed, along with the corresponding source IP address. Enter a user or host in the search box at the top of the table to filter the contents of the list.
You can also use this table to filter the contents of the Users by accessed hosts Voronoi diagram, the Most active users pie chart and the Distribution of users, hosts and IPs graph in this section. Select a user or host name and those widgets will be filtered out using the selected value. To remove the filter, select the x icon in the blue bar that appears in the filtered widgets.
Users by number of connections
Check the proportion of users over the period specified.
Users, hosts and IPs
This graph is a representation of the different relationships between users, IP addresses and accessed hosts.
Most rejected users and categories
These tables display a count of the most denied IP addresses, with their corresponding users and categories.
Top active users
Check the count of IP addresses and users with the highest number of connections over the selected period.
Users by OS, family and device
This Voronoi diagram shows users grouped by their corresponding operating systems, families and devices.
Navigation behavior
Select the Expand section option to see the following widgets:
Distribution of accesses
This diagram groups the different accesses by top-level domain, sub-domain and host.
URLs with the highest entropy
This table lists the URLs with the highest Shannon entropy over the selected period.
You can also use this table to filter the contents of the Traffic by domains graph in this section. Select a user or host name and the widget will be filtered out using the selected value. To remove the filter, select the x icon in the blue bar that appears in the filtered widgets.
Accessed top-level and sub-domains
This pie chart shows the breakdown of most accessed first-level domains over the selected period. See the relationships between accessed top-level domains and sub-domains over the selected period.
Most denied categories
These pie charts show the most denied categories and web categories over the selected period.
Top machines with TCP errors
This table shows a count of the machines with the highest number of errors, including the corresponding types and categories.
Accesses by request status, category and status code
This Voronoi diagram is a breakdown of accesses grouped by request status, category and status code.
Result codes
This bar chart shows the frequency of cache result codes over the selected period.