Aggregate Logs View
Aggregate Logs View makes your outbound DNS logs easier to analyze by compiling your traffic into an easy-to-consume view. Aggregate the logs by Country, Device Name, Domain, FQDN, or Status to narrow your focus to specific aggregates. By default, logs are aggregated over a single day; the window can be at most seven (7) days and is limited to the last ninety (90) days. Multiple levels of aggregation are supported by clicking the downward-pointing chevron (🔽), where applicable. Clicking the link in the “Count” column opens a fly-out panel showing the log view as aggregated by your criteria. Simple filters can be applied to each aggregation.
Top-level aggregations can be performed on:
Category - Domain Category
Client IP
Country
Device Name
Domain
Email
FQDN
Group - Only applicable if utilizing the EntraID integration
Policy - Only applicable if utilizing the EntraID integration
Ruleset - HYAS Protect Policy Engine Rulesets
Status - Permitted, Blocked, Highly Suspicious, Watch Engine, No Status
Threats
Username
Tag
Aggregation options at the child level adapt to the aggregation choices made at earlier levels.
To open the Aggregate Logs View, toggle the button at the top left of the standard logs view page.
