This screen provides an interface for querying the Protex access logs. These logs maintain a log of all accesses via the Protex filtering system: both allowed and denied URLs are logged with the host IP of the requester, the filter profile in use and, if NTLM authentication is set up, the
username of the user.
By default the query will show all activity on today's log. You can modify the query by selecting the items on the form before clicking on the Run the report button:
- change the date range by setting the start and end days and times
- search for results for a specific IP address
- search for results for a specific user (using the network username)
- search for a specific domain
- modify the actions searched for (see the drop-down menu for the options available)
You can also generate a 'top 20' (or any other number!) list of DENIED and ALLOWED sites which can be useful in picking up unusual activity or popular sites.
A typical search will give results similar to the following:
Note that DENIED sites also include the reason they have been blocked and, if it is by the content of the page, the phrases used in calculating the score and the category the URL is in.