Skip to content

Column selection options

You can filter your firewall reports and choose which data to view from your firewall reports.

After you generate a report, you can filter the information shown in the report and change the information shown in the columns. To do this, click the column selection button Column selection button. in the table area, on the column's right-hand side. Choose the columns for the information you want to see. This generates a new report with the filtered information shown.

There are different column selection options for each report template. There is a default field for each report template that you can't deselect. The table rows are combined by this field. For example, if the default field is Hits, and a website has 3 hits, there is one row shown for this information.

Note

For each default report template, there's a column selection option called Firewall Device. If this option is selected, the table rows are combined by this field, rather than the default field.

For a list of options for the default report templates, see the tables below:

ATP

Heading Column options
General

Date

Executable

Status

Component

Network

Source IP

Source Country

Source Port

Destination IP

Destination Country

Destination Port

Connection

User

Login User

Hits: Selected by default. The table rows are combined by this field. You can't deselect this field.

Threats and Security

Threat

Process User

Event ID

Event Type

Endpoint ID

Web and Application URL

Antivirus

Heading Column options
General

Date

Status

Log Type

Component

Protocol

Recipient

Sender

Threats and Security

Malware

File

Web and Application

URL

Domain

Connection

User

Bytes Sent

Bytes Received

Bytes

Hits: Selected by default. The table rows are combined by this field. You can't deselect this field.

Network

Source IP

Destination IP

Destination Port

Source Country

Destination Country

Bandwidth usage

Heading Column options
General

Date

Component

Status

Firewall Rule ID

Network

Source IP

Source Port

Source Country

Destination IP

Destination Port

Destination Country

Source Zone

Destination Zone

Connection

User

User Group

Hits

Bytes Received

Bytes Sent

Bytes: Selected by default. The table rows are combined by this field. You can't deselect this field.

Web and Application

Application

Risk

Technology

Category

App Resolver

Classification

Qualifier

Cloud app risks and usage

Heading Column options
General

Date

Firewall Rule ID

Status

Firewall device

Network

Source IP

Source Port

Source Country

Destination IP

Destination Port

Destination Country

Source Zone

Destination Zone

Connection

User

User Group

Hits

Bytes Received

Bytes Sent

Bytes: Selected by default. The table rows are combined by this field. You can't deselect this field.

Web and Application

Application

Category

Risk

Parent Application

Parent Application Category

Parent Application Risk

Classification

Firewall

Heading Column options
General

Date

Component

Firewall Rule ID

Firewall Rule Type

Status

Qualifier

Classification

Network

Source IP

Source Port

Destination IP

Destination Port

Protocol

Source Zone

Destination Zone

Source Country

Destination Country

Connection

Bytes

Bytes Received

Bytes Sent

Hits: Selected by default. The table rows are combined by this field. You can't deselect this field.

User

Web and Application

Application

Risk

Category

App Resolver

Threats and Security Heartbeat

IPS

Heading Column options
General

Date

Log Subtype

Component

Firewall Rule ID

Message

Network

Source IP

Destination IP

Destination Port

OS

Source Zone

Destination Zone

Source Country

Destination Country

Connection

Hits: Selected by default. The table rows are combined by this field. You can't deselect this field.

Bytes

User

User Group

Bytes Received

Bytes Sent

Threats and Security

Classification

Signature ID

Category

Severity

IPS Policy ID

Victim

Heading Column options
General

Date: Selected by default. The table rows are combined by this field. You can't deselect this field.

Log ID

Log Type

Component

Log Subtype

Firewall Rule ID

Firewall Rule Type

Message

Classification

OS

Verdict

Message ID

Quarantine Reason

Status

End Time

User Full Name

System CPU Usage

User CPU Usage

Idle CPU Usage

Memory Usage Unit

Total Memory Usage

Free Memory Usage

Used Memory Usage

Configuration Disk Usage

Report Disk Usage

Signature Disk Usage

Temp Disk Usage

Threats and Security

Severity

IPS Policy ID

Heartbeat

Rule Priority

Signature ID

Category

Victim

Policy Name

Malware

File Name

File Type

SHA256

Source

Event ID

Event Type

Login User

Process User

Reported ID

Reported Host

Reported AT

Network

Duration

In Interface

Out Interface

Source Mac

Source IP

Source Port

Destination IP

Destination Port

Packets Sent

Packets Received

Source Zone Type

Source Zone

Destination Zone Type

Source Country

Destination Country

Destination Zone

Connection ID

Master Connection ID

Destination Mac

Download File

Download File Type

Upload File

Upload File Type

Source Host

Destination Host

Reported IP

Reported Port

Local Network

Remote Network

Lease Time

Interface

SSID

Web and Application

Web Policy ID

App Filter Policy ID

Application

Risk

APP Category

Technology

App Resolver

Qualifier

IS Cloud App

Parent Application

Parent Application Category

Parent Application Risk

HTTP Category

Category Type

URL

Content Type

Override Token

Override Name

Override Authorizer

Domain

Exceptions

Activity Name

HTTP User Agent

HTTP Status

Transaction ID

HTTP Referrer

Used Quota

Content Filter Key

Action

Context Prefix

Context Match

Context Suffix

File Size

Executable

Command

HTTP Query

HTTP Cookie

HTTP Method

HTTP Response Time

Search Key

Connection

User

User Group

Bytes Received

Bytes Sent

Bytes

Direction

Connection Event

Client Used

Auth Mechanism

Start Time

Access Type

Connection Name

Connection Type

Name

Received kbits

Transmitted Kbits

Received Errors

Transmitted Drops

Collisions

Transmitted Errors

Received Drops

Protocol

Protocol

ICMP Type

ICMP Code

Source Transaction IP

Source Transaction Port

Destination Transaction IP

Destination Transaction Port

Subject

Sender

Recipient

Email Size

SSL TLS Policy

Rule ID

Profile ID

Bitmask

Key Type

Resumed

Certificate Chain Served

Key Param

Fingerprint

Cipher Suite

SNI

Rule Name

Profile Name

TLS Version

Zero-day protection events

Heading Column options
General

Date

Log Subtype

Component

Verdict

Network

Source IP

Destination IP

Destination Port

Source

Threats and Security

File Name

File Type

SHA256

Threat Intelligence

Connection

Hits: Selected by default. The table rows are combined by this field. You can't deselect this field.

Bytes

User

User Group

Bytes Received

Bytes Sent

Web and Application

Domain

Application

Protocol Subject

Threat geo activity

Heading Column options
Network

Source Country

Destination Country

Threats and Security

ATP

Antivirus

IPS

Zero-day protection

Total Hits: Selected by default. The table rows are combined by this field. You can't deselect this field.

Threats & events blocked

Heading Column options
Network

Source IP

Destination IP

Source Country

Destination Country

Connection

Antivirus

ATP

Firewall

IPS

Zero-day protection events

Web

Web application firewall

Total Threats: Selected by default. The table rows are combined by this field. You can't deselect this field.

VPN usage

Heading Column options
General

Date

Status

Component

Connection

User

User Group

Connection Name

Bytes Sent

Bytes Received

Bytes: Selected by default. The table rows are combined by this field. You can't deselect this field.

Hits

Network

Duration

Source IP

Reported IP

Destination IP

Source Country

Destination Country

Threats and Security RED ID

Web usage

Heading Column options
General

Date

Status

Component

Connection

Hits: Selected by default. The table rows are combined by this field. You can't deselect this field.

Bytes

User

User Group

Bytes Received

Bytes Sent

Connection Direction

Web and Application

Category

Category Type

Domain

URL

Application

Search Key

Threats and Security

Malware

File Name

File Path

Content Type

Network

Source IP

Destination IP