Toolbox Items

	Customize Report Export report to CSV

More Information

	For a detailed description about the items in this tab, click here.

Suspicious Traffic Report

The Suspicious Traffic report lists sender and receiver identification information for network packets that have been identified as containing suspicious text content. Identification of suspicious text is based upon predefined rules that typically list profanity, threatening language or other text that may be considered suspicious within your environment. Entries in this report may reflect suspicious traffic being received from external sources, or being sent by internal users.

• Click on an entry in the External IP column to launch a DNS Lookup of the external domain's identifying information.
• Click on an entry in the Internal IP column to open the network traffic detail reports for the associated workstation.
• Click on a Details link to open the Suspicious Traffic Packet report to review the details on the text content of the suspicious packet.
• Click on the Add to Favorites icon at the upper right of the report to add this report to your list of commonly accessed network traffic reports on the Reports Dashboard.

The TOOLS panel includes a Search utility to locate report entries by External and Internal IP Address, internal User and Computer, Rule Name, Search String, or a combination of these values (Advanced Search).

The Date Range and Time Range functions support data searches based upon selected dates and time.

Toolbox utilities support exporting the selected data into a comma separated variable file (.csv) as well as generating the report in .PDF format for printing. (online Help)

Suspicious Traffic Report - online Help

Suspicious Traffic Object - online Help