Using the Transaction Viewer

Use the Reporting > Report Center > Transaction Viewer page to find full details of individual web transactions and requests. Where Report Builder shows you high- level analysis from the perspective you select, Transaction Viewer gives you an additional layer of granular information for each transaction. You can manipulate the data further by adding extra filters and columns.

Access Transaction Viewer directly from the Reporting tab to build your own transaction-level reports, or drill down from the Report Builder:

  1. Mark the check box next to each item you wish to view.

    You can select multiple items and change your selections, even after the popup window appears.

  2. In the pop-up window, select View Transactions.

You can also click an entry in any metrics column to view that entry as individual transactions.

The Transaction Viewer loads, listing the date, time, and URL of each transaction within the report item or items you selected.

In the Transaction Viewer, you can:

  • Edit the filters and date range for the transactions you wish to see.
  • Select the columns to display from the Columns drop-down. Click Close when you have made your selections.
  • Click a column heading to make it the active column for sorting transactions. Click again to switch between ascending and descending order.
    Note: To sort transactions by timestamp, click the Date column, not the Time column. Sorting by the Date column automatically orders transactions by both date and time.
  • Delete columns by clicking the X icon in a column heading. Note that you cannot delete the current active column.
  • Drag attributes and metrics from the left-hand pane into the Filters field.
  • Drag attributes and metrics from the left-hand pane into the main report pane to add them as new columns.
  • Enable Detail View to see more detail for the selected transaction. You can also double-click a row to open Detail View.

    The Transaction Details pane opens at the bottom of the page, showing additional information. Depending on the content of the transaction, you may see the following tabs:

    • General lists information such as the user who performed the transaction, the policy, the action, the Web category and risk class. When the risk class is Security, Detail View also displays threat details.
    • Request Details shows the full URL, source and destination IP addresses, the referrer URL, the full MIME type, and the request method.
    • Threat Details is displayed for transactions that involve a security risk. The tab shows the category, severity level, threat name, and threat type, as well as the direction of the transaction.
    • File Sandbox is displayed when the transaction is associated with a file that was sent for advanced sandboxing analysis. The tab lists all files associated with the transaction and the result returned by the File Sandbox, as well as a link to the File Sandbox report.
    • Cloud App Details shows further information about the cloud app associated with the transaction. The tab lists details for the cloud app, such as its name, description, risk level, provider details, and URL, along with a detailed risk profile.
    • Advanced lists HTTP status code, total bandwidth used, filtering time, server response time, authentication method, and user agent.
  • Export selected transactions in PDF or CSV format.

    A maximum of 5,000 table rows can be exported to a PDF file, a maximum of 100,000 table rows to CSV. Data exported using Detail view (PDF format only) can include a maximum of 20 transactions.