|
Operations over Time |
Displays a chart of Island operations over a 1 day timespan.
Hide Query Show Query #Vendor = "island" | Vendor.message.source!="AdminAction" | timechart(span=1d, series="event.action")
| Time Chart |
|
Users Performing most operations |
Displays a table of users performing the most administrative
operations in Island by username.
Hide Query Show Query #Vendor = "island" | Vendor.message.source!="AdminAction" | groupBy("user.name") | rename([[user.name, "User Name"], [_count, "Count"]])
| Table |
|
Blocked Operations over Time |
Displays a chart of blocked Island operations over a 1 day
timespan.
Hide Query Show Query #Vendor = "island" | #event.outcome = "failure" | timechart(span=1d, series="event.action")
| Time Chart |
|
Blocked Web Navigations per Day |
Displays a chart of blocked Island browser web navigations per
day.
Hide Query Show Query #Vendor = "island" | #event.outcome = "failure" | event.action="Navigation" | timechart(span=1d)
| Time Chart |
|
Top Navigated Categories |
Displays a chart of top navigated Island categories.
Hide Query Show Query #Vendor = "island" | event.action="Navigation" | groupBy("Vendor.message.saasApplicationCategory")
| Bar Chart |
|
Navigations per Day |
Displays a chart of Island browser navigations per day.
Hide Query Show Query #Vendor = "island" | event.action="Navigation" | timechart(span=1d)
| Time Chart |
|
Blocked Navigations by Category |
Displays a pie chart of blocked navigations by category.
Hide Query Show Query #Vendor = "island" | #event.outcome = "failure" | event.action="Navigation" | groupBy("Vendor.message.saasApplicationCategory")
| Pie Chart |
|
Most Accessed Applications |
Displays a pie chart of most accessed applications using an Island
browser.
Hide Query Show Query #Vendor = "island" | event.action="Navigation" | groupBy(Vendor.message.saasApplicationName)
| Pie Chart |
|
Top Blocked URLs |
Defines a list of the top blocked URLS for a given vendor.
Hide Query Show Query #Vendor = "island" | event.action="Navigation" | #event.outcome = "failure" | groupBy("url.original") | rename([[url.original, "Top Level URL"], [_count, "Count"]])
| Table |
