View the summary of most seen applications, threats, users, URLs,
and rules in your network for the selected time period. Glance through this view to
quickly identify any irregularities within your network and then delve deeper to
examine the activity that requires investigation. The Overview view includes:
Top 5 applications and application categories in your
network that have the maximum activity in terms of number of sessions, data
transfer, threats detected, URLs accessed, and users who accessed the
applications. Click
Top 5 threats and threat categories that are most
affecting the sessions, users, and applications. View the details of
sessions, users, and applications in the Log Viewer, Users, and Applications tabs respectively.
Network traffic trend of blocked, allowed, and alerted
sessions, the amount of data transferred, and users generating the most
traffic.
Top 5 users with most traffic sessions, data transferred, threats
found in traffic, URLs accessed, and the user experience scores for
monitored applications.
Most accessed URLs along with details on session, users,
and applications accessing the URLs.
Top 5 most impacted Security policy rules configured in
your deployment with filters to know the sessions, users, URLs, threats,
data transferred, applications involved in the traffic matching the rules.
You can use the filters to view the data points you want to focus on
and relevant to your deployment. These filters are available in all the tabs of the
dashboard.
Filters
Activity Insights has advanced filters to help you focus on the
security aspects that matter to your deployment. The available filters are:
Time Range
- view data for a specified
time period
Scope Selection
- data specific to a
deployment: Prisma Access, NGFW
Subtenant
- the Prisma Access instance
for which the data is displayed
User Name
- view activities involving an
individual user
Application
- network events concerning a
specific application