Search User
The Search > Activity screen allows administrators to look up network activity by user. A user-aware user is a user who must log in to the Zyxel Device, so that the Zyxel Device can apply specific routing policies and security settings to this user. The Zyxel Device is ‘aware’ of the user who is logged in and therefore can store ‘user-aware’ analytics and logs.
To perform a search, click Search > Activity.
In the field at the top-left of the screen, enter a username. You may also enter a partial term to generate a list of matching results.
Search > Activity > User
Details
Click an entry in your search results to open up a report of the user’s recent security events, application usage, website usage, top destination countries, and login or logout history.
Security events include anomalies, app patrol, malware, spam, threats (IPS), unsafe websites, and web protection (websites blocked by web security policies). The following table shows severity levels for security events.
Security event | severity definition |
|---|---|
IPS | IPS: highest is 5, lowest is 1 Severity from 1 – 5 |
Malware | Severity 4 |
Spam | Severity 3 |
Unsafe website access | For these categories, severity is 4 • Botnets • Compromised • Malware • Phishing & Fraud |
Spam sites: severity 3 | |
Anonymizers: severity 2 | |
Network errors: severity 1 | |
Anomaly | Severity 2 |
Select an username in Search > Acitivity > User to display the following figure.
Search > Acitivity > User
Click a graph to see further usage details for this user. The following figure shows details on security events through the selected Zyxel Device for this user.
Search > User > Details > Security Event (Hits)