Login
- Table of Contents
-
- 03-Monitor
- 01-Application analysis center
- 02-Blacklist logs
- 03-Single-packet attack logs
- 04-Scanning attack logs
- 05-Flood attack logs
- 06-Threat logs
- 07-Reputation logs
- 08-URL filtering logs
- 09-File filtering logs
- 10-Data filtering logs
- 11-Security policy logs
- 12-IPCAR logs
- 13-Sandbox logs
- 14-NAT logs
- 15-SSL VPN user access logs
- 16-SSL VPN access resource logs
- 17-Terminal status
- 18-DLP logs
- 19-Zero trust policy logs
- 20-Application audit logs
- 21-System logs
- 22-Configuration logs
- 23-Traffic logs
- 24-Load balancing logs
- 25-TopN traffic
- 26-Security policy hit analysis
- 27-TopN threats
- 28-TopN URL filtering statistics
- 29-TopN file filtering statistics
- 30-Attack defense statistics
- 31-Server load balancing statistics
- 32-Outbound link load balancing statistics
- 33-Transparent DNS proxy statistics
- 34-Connection rate ranking
- 35-DLP statistics
- 36-TopN traffic trends
- 37-Security policy hit trend analysis
- 38-TopN threat trends
- 39-TopN URL filtering trends
- 40-TopN file filtering trends
- 41-Link trend
- 42-Routing policy trends
- 43-Virtual server trend
- 44-Server farm trends
- 45-Real server trend
- 46-Domain Requested Times Trend
- 47-TopN file filtering trends
- 48-Online SSL VPN users trend
- 49-Botnet analysis
- 50-Asset security
- 51-Threat case management
- 52-Report settings
- 53-Session list
- 54-LB session information
- 55-DNS cache information
- 56-User information center
- 57-IPv4 online users
- 58-IPv6 online users
- 59-MAC authentication online users
- 60-Terminal status
- 61-Asset scan
- 62-Ping
- 63-Tracert
- 64-Packet capture
- 65-Webpage Diagnosis
- 66-Diagnostic Info
- 67-Packet trace
- 68-Load balancing test
- 69-IPsec diagnosis
- 70-Risk analysis
- 71-Content moderation logs
- 72-Content security top
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 01-Application analysis center | 53.51 KB |
Application analysis center
This help contains the following topics:
· Configure the application analysis center
¡ Customize the settings for each widget
Introduction
The application analysis center displays the statistics for the following widgets:
· Application Usage.
· User Activity.
· Source IP Activity.
· Destination IP Activity.
· Security Policy Usage.
· Source Security Zones.
· Destination Security Zones.
· Threat Activity.
· WAF Activity.
Each widget displays the statistics based on the following aspects:
· Bytes—Displays the traffic distribution by bytes.
· Sessions—Displays session statistics. You can obtain information about which applications, users, and IP addresses have established or occupied a large number of sessions.
· Threats—Displays threat statistics.
· URLs—Displays Web access statistics.
· Files—Displays file filtering statistics.
· Data—Displays data filtering statistics.
Restrictions and guidelines
If the device updates to a version that supports the application analysis center feature from one that does not, the device performs application analysis only on the data after update.
Configure the application analysis center
Configure global settings
The Application Analysis Center page provides the following global conditions for statistics collection that take effect for all widgets.
Select a context
To display context-based statistics, select a context from the Context list. To display the statistics for all contexts, select All from the list.
Specify the time range
To display the statistics in a time range, select the time range from the Time range list, or click Custom from the list and customize the time range as required.
Select widgets
To customize the widgets displayed on the page, click Select module and select the desired widgets from the list.
Add global filters
To add a filter to filter the statistics, click Filters in the Global filters field, select a filter type, and configure the filter as required.
To remove a filter, hover the mouse over
the filter and click the 
icon
at the right of the filter. To remove all filters, hover the mouse over the Global filters
field, and click the 
icon
at the right end of the field.
Customize the settings for each widget
You can configure the following settings that take effect only for the specified widget.
View more data
By default, each widget displays only top
10 entries. To view more data, click the 
icon in the
top-right corner of each section.
Add analyzer filters
To add filters for a widget only, click the
icon in the
top-right corner of each section, and then set the filters as required.
Switch between analysis aspects
To obtain the statistics for an analysis aspect, select the analysis aspect on the top of each section. The following aspects are supported in the current software version: Bytes, Session, Threats, URLs, Files, and Data. After you select an analysis aspect, the system ranks the statistics based on the analysis aspect. For example, if you select Bytes for Application Usage, the Application Usage section will rank the applications based on the traffic in graphs and tables.
Display data in graphs and tables
The page supports display data in graphs and tables for each widget.
The types of graphs include treemaps (
), area graphs
(
), line graphs
(
), and
histograms (
). Support for
types of graphs varies by widget.
To display the statistics in a type of graph, click the graph icon in the top-right corner of each section. Only area graphs support the drill down functionality. Drill down is a capability that enables you to view statistics from a general view to a more specific view by clicking the mouse. For example, for the Application Usage widget, you can click the E-Mail area in the area graph. Then, the area graph will display information only about the Email's subcategories, such as 126 Mail and 163 Mail. To view information about a specific Email subcategory, click the subcategory area, like 126 Mail area.
By default, a table displays only top 10 entries. To view more data, click Miscellaneous and select View more data from the list.
The non-numeric columns allow for more actions,
such as adding an application name as a widget-specific filter or adding it as
a global filter. To bring up the action menu for an item in a non-numeric
column, hover the mouse over the item, click the 
icon.
Application usage
The Application Usage section displays application usage statistics based on different aspects. You can customize the settings for applications accordingly.
Area graphs provide visibility to the applications with the top bandwidth usages, and provide the drill down capability to present the detailed application statistics.
User activity
The User Activity section displays user statistics based on different aspects. You can customize the settings for users accordingly.
Source IP activity
The Source IP Activity section displays source IP statistics based on different aspects. You can customize the settings for source IPs accordingly.
Destination IP activity
The Destination IP Activity section displays destination IP statistics based on different aspects. You can customize the settings for destination IPs accordingly.
Source security zones
The Source Security Zones section displays statistics of source security zones based on different aspects. You can customize the settings for source security zones accordingly.
Destination security zones
The Destination Security Zones section displays statistics of destination security zones based on different aspects. You can customize the settings for destination security zones accordingly.
Security policy usage
The Security Policy Usage section displays security policy matching count. You can customize the settings for security policies accordingly.
Threat activity
The Threat Activity section displays statistics of the threat events. You can customize the settings for threat defense accordingly.
Keyword analysis
The Keyword section displays data filtering statistics of file transmission, email sending and receiving, and website access based on keywords. You can customize related strategies to reduce the leakage of confidential information and user sensitive information.
WAF activity
The WAF Activity section displays statistics of the WAF attack events. You can customize the settings for WAF protection accordingly.
