Need help truly understanding Dashboard reports

Comments

4 comments

  • Avatar
    Alexander Harrison

    We have two articles that you may not have come across that goes over each section of reporting. The first is part of our getting started guide on the Dashboard, and the second focuses more on reporting and the different types of reporting available

    As a whole, the Activity Search shows each DNS request made, and the other reports are:

    • Security Activity:  This is the security related activity on your network, whether that's malware, botnet or any of the other security categories. 
    • Total Requests:  This is the total number of requests for web resources from your total Organization over a period of time.  The report can be filtered based on individual identities or time periods.
    • Activity Volume:  These are the queries from identities within your organization over a period of time, divided by security category or content type.  This report has two views, a Snapshot and a Trend Over Time graph.
    • Top Domains:  This report shows the most requested domains within your entire Umbrella for the period of time selected, or for the identities selected.
    • Top Categories:  This is top content categories for your organization or a user within your organization over the time period selected.
    • Top Identities:  This overlay shows the trends of activity along side the threats from either malware or botnets over the time period selected.  By default this is 24 hours. 
  • Avatar
    working4theman

    Thanks for the great response and I did read the guides.  I guess what is considered average/normal.  For instance at 5 pm I had 7,968 total requests.  That seems excessive doesnt it?

  • Avatar
    Alexander Harrison

    An average user on a network will make approximately 1,000 requests per day. Note that each DNS request will be recorded and some websites make 10s of requests. I have two examples of busy websites. Each was run through a page analyzer and the output is each domain queried to load the page. These are some extreme examples, but they help indicate that 8K/hour is a reasonable number for an office of about 60 people for normal-light use. 

    t-mobile.com: http://www.webpagetest.org/domains.php?test=141105_GJ_ZD1&run=1&cached=0

    s.tmocache.com
    www.t-mobile.com
    tmobile-us.inq.com
    nexus.ensighten.com
    s.yimg.com
    mediav3.inq.com
    cdn.clicktale.net
    triggeredmail.appspot.com
    admin.brightcove.com
    cdn.tt.omtrdc.net
    d1wscoizcbxzhp.cloudfront.net
    cobrowse.inq.com
    tags.bkrtx.com
    tags.bluekai.com
    tmobile.tt.omtrdc.net
    www.googleadservices.com
    dws.cbsimg.net
    t.channeladvisor.com
    a.adroll.com
    libs.coremetrics.com
    px.owneriq.net
    cm.g.doubleclick.net
    t-mobile.ugc.bazaarvoice.com
    googleads.g.doubleclick.net
    998766.fls.doubleclick.net
    www.facebook.com
    edge.quantserve.com
    metrics.t-mobile.com
    ads.yahoo.com
    tmo99.t-mobile.com
    s.amazon-adsystem.com
    r.turn.com
    fls.doubleclick.net
    www.google.com
    es.t-mobile.com
    magnetic.t.domdex.com
    ib.adnxs.com
    api.adsymptotic.com
    tmscdn.coremetrics.com
    20547255p.rfihub.com
    ace-tag.advertising.com
    p.rfihub.com
    geo.query.yahoo.com
    d.adroll.com
    ad.ipredictive.com
    dw.cbsi.com
    pixel.rubiconproject.com
    syndication.streamads.yahoo.com
    a.tribalfusion.com
    dsa.csdata1.com
    a.analytics.yahoo.com
    bh.contextweb.com
    r.casalemedia.com
    fast.fonts.com
    api.bazaarvoice.com
    segment-pixel.invitemedia.com
    servedby.flashtalking.com
    pixel.tapad.com
    ad.yieldmanager.com
    tapestry.tapad.com
    tracking2.channeladvisor.com
    b.collective-media.net
    tacoda.at.atwola.com
    pixel.quantserve.com
    d.audienceiq.com
    ads.magnetic.is
    t-mobile.com
    sync.adap.tv
    fast.fonts.net
    replaycontroller.4seeresults.com
    bid.g.doubleclick.net
    adadvisor.net
    rtb.gumgum.com
    rum2.keynote.com

    espn.com: http://www.webpagetest.org/domains.php?test=141105_BQ_ZD6&run=1&cached=0

    a.espncdn.com
    player.ooyala.com
    assets.espn.go.com
    opf.ooyala.com
    a2.espncdn.com
    a1.espncdn.com
    pagead2.googlesyndication.com
    adm.fwmrm.net
    sports-ak.espn.go.com
    espn.go.com
    static.chartbeat.com
    secure-us.imrworldwide.com
    g.espncdn.com
    scores.espn.go.com
    nba-scores.ff0000-cdn.net
    www.gstatic.com
    ad.doubleclick.net
    vod.espn.go.com
    m.v.fwmrm.net
    a.visualrevenue.com
    espn-admin.ff0000-cdn.net
    streak.espn.go.com
    b.scorecardresearch.com
    w88.go.com
    a3.espncdn.com
    b.grvcdn.com
    l.ooyala.com
    content.dl-rms.com
    log.go.com
    bd0dc.v.fwmrm.net
    pespn.chartbeat.net
    www.espn.com
    ak.c.ooyala.com
    rma-api.gravity.com
    cdn-api.ooyala.com
    310987714.log.optimizely.com
    pubads.g.doubleclick.net
    espn.com
    adsatt.espn.go.com
    t1.visualrevenue.com
    broadband.espn.go.com
    p.visualrevenue.com
  • Avatar
    rotblitz

    Alexander,

    Would you know why the links "getting started guide on the Dashboard" and "reporting and the different types of reporting available" are ending up with "You do not have access to this page. Please contact the account owner of this Zendesk for further help" for me?

Please sign in to leave a comment.