Detail View

When you're flying first class, sometimes it’s the little details that enhance your experience. When it comes to web security, Detail View in dope.swg analytics gives you that added piece of mind.

Clicking on “Detail” from the dropdown brings you to the Detail view where you can view details on any policy violations over the last seven days.

By default the detail view will open showing the violation details for everyone, with the most recent violation first on the list.

The details view includes the following details associated with each web transaction:

  • Domain: The domain that the category match was made against.

  • URL/Path: The complete URL that that was attempted to be accessed.

  • Process Name: The process from where the connection attempt was made.

  • Location: The location of the dope.endpoint.

  • Destination IP: The destination IP for the requested URL.

  • Category: The categories associated with the domain.

  • User: The email address of the user. Logged in user where no user/group import has been done.

  • Size: The total size of the data transferred within the connection.

  • Type: What type of policy was applied to the transaction. (Policy/Malware/CAC)

  • Block Detail: Contains either the dope category, malware type, or the cloud application that resulted in the block.

  • Verdict: Will be one of the following — “Allow,” “Block,” “Warning,” or “Bypass.”

  • Time: The time of the web transaction.

  • Fallback Mode: Was the dope.endpoint in fallback mode at the time of the web transaction.

  • Cache Miss: Was the domain in the dope.endpoint cache

  • File Name: The file name that was blocked from being downloaded due to a malware violation.

  • File Hash: The file hash of the file that was blocked from being downloaded due to a malware violation.

By default, the Detail view shows every policy violation in the last seven days.

dope.swg also lets you search for a user, a group, or a location.

Search for User, Group or Location

When you start entering text into the search bar, dope.swg will suggest users, groups or locations that match the text you are entering. You can then search policy violation for a specific user, group or location.

You do not have to select a valid user, group, or location to search the detail view. You can simply enter text and the console will search for policy violations for users, groups, or locations starting with the text you have entered.

On selecting enter the Detail view which will be filtered with policy violations that match your search.

You need to have imported users and groups' data into the console to search for groups or locations.

Last updated