Cloud app use

Administrator Help | TRITON AP-WEB and Web Filter & Security | Version 8.3.x

Related topics:

Application reporting

User Summary Report

Cloud App Summary

Use the data on the Cloud Apps tab to gain visibility into the use of cloud applications by users in your networks, and the potential risks associated with their use.

Use the options at the top of the page to filter the data that is displayed:

The Time period for the report.

Select Today, 2 days, 7 days (the default), 14 days, 30 days, 60 days, or 90 days from the drop down.

If you are using Microsoft SQL Express, the maximum time period is 30 days.

The calculated "from date" is provided next to the selection.

The App risk levels to be reported.

Check the box next to High, Medium, or Low to include data for applications that have been assigned the selected risk level.

Click Update to display a new report that uses your selected filters or to include more recent data in the report.

Data above the table shows the number of Cloud apps used, the number of Users accessing cloud apps, and the total Traffic volume associated with cloud app usage.

The results that match your filter are included in a columnar table.

Viewing cloud application use

A View by option is provided to change the report contents. Select Cloud app to produce a report on use of the applications. Select Cloud app user to generate a report about users of cloud applications.

When Cloud app is selected, the following columns are included in the table:

Risk Level: an assessment of the level of threat (High, Medium, or Low) associated with each cloud application.

By default, the table is sorted by Risk Level, using the risk value assigned to each threat level. The values are 1, 2, and 3 for High, Medium, and Low, respectively.

Click the link provided in this column to open a window with information about the application and the associated risk.

Cloud App: the application name.

Click a link in this column to open a User Summary Report for the selected application.

Type: the type of application being accessed.

Users: the number of users who have accessed the application.

Requests: the total number of requests made to the application.

Bytes Sent: the total number of bytes sent by requests to the application.

Bytes Received: the total number of bytes received from the responses to requests for an application.

Last Accessed: the date and time the application was last accessed.

When the View by selection is Cloud app user, the following columns are included:

User: the user or IP address of the user accessing cloud applications.

Click a link in this column to open a summary of cloud application use by the user. See Cloud App Summary.


	Note If a user accesses the same cloud app through both the hybrid service and on-premises components (Filter Service and Content Gateway), the user appears twice in the report.

Cloud Apps Accessed: the total number of cloud applications accessed by the user.

Requests: the total number of requests made to cloud applications.

Bytes Sent: the total number of bytes sent by requests to cloud applications.

Bytes Received: the total number of bytes received from the responses to requests for the applications.

Last Accessed: the date and time a cloud application was last accessed by the user.

By default, the table is sorted on the last accessed date.

Using Cloud app reports

Controls are provided with each table, including the User Summary Report and the Cloud App Summary.

Use the Find feature to restrict the information in the table.

Enter up to 50 characters (special characters are not supported) and click Search to filter on:

Cloud App: application name or type.

Cloud App User: user information.

User Summary Report: user information.

Cloud App Summary: application name, application type, or risk level.

Click Clear to remove your entry.

Click Export to CSV to generate a comma-separated table (maximum of 10,000 rows) of the data. The Time Period and Find values become part of the query used by the export, even if the filters were not used to update the table.

Exports from the Cloud App table or the Cloud Apps Accessed by table will include the application information provided by the Risk Level link.

When selected on the main Cloud app page, an export will create a file called cloudapps.csv. From the Cloud app user page, an export will create cloudappusers.csv.

From the summary pages, an export will create cloudapps_<app name>.csv (User Summary) or cloudappusers_<user name>.csv (Cloud App Summary).

Use the paging options below the table to navigate to other report pages.

Use the arrows next to column headings to change the sort order of each report.

Click the icon in the upper right of each chart to expand it and display it on it's own page.

Click and drag the edge of table column headers to manually adjust the default column width.

Delegated administrator access to the Cloud Apps report is included in the Access application reports option in the Reporting Permissions section of Delegated Administration > Edit Roles. Administrators with "access application reports" permissions automatically receive access to the new Cloud Apps tab.


	Note Delegated administrators with permission to Report on managed clients only, and assigned to multiple roles, will be able to view data only for their managed clients.

To support the ability to report on cloud applications, a Cloud Apps database is downloaded on a regular basis. The schedule defined for the Master Database download on the Settings > General > Database Download page is also used for the Cloud Apps database download process.