Introduction
The Cisco Cisco Advanced Web Security Reporting application provides filters and dashboards that are designed to give insight into very large volumes of data from multiple Web Security Appliances, and Cisco Umbrella. The Cisco Advanced Web Security Reporting application includes a data collection-and-display application, and a related server that forwards log data collected from Web Security Appliances (WSAs), and an Umbrella host.
The Cisco Advanced Web Security Reporting application receives log data and stores it in data models. You can view these data using searches, or “filters,” that you define.
What’s New
New in Release 7.5.2
Feature |
Description |
---|---|
Splunk Engine Upgrade |
The Splunk engine is upgraded to version 8.2.5. |
Python Upgrade |
The Python version is upgraded from 2.7 to 3.7. |
UI Updates |
You can now access the Access Control page using the following navigation paths for 7.5.2: |
Summary Index |
Summary Index has been enabled in the Overview page to improve the performance. |
New in Release 7.5.1
Feature |
Description |
---|---|
Splunk Engine Upgrade |
The Splunk engine is upgraded to version 7.3.5. |
Syslog Parser Update |
Syslog parser update for Web Security Appliance 12.0.1-334. |
New in Release 7.5
Feature |
Description |
---|---|
Splunk Engine Upgrade |
The Splunk engine is upgraded to version 7.3.3. |
User Drilldown page displays report of AD group details. |
In the page, a new filter is added to search by AD Group name. The AD group details are displayed in the search results. It displays the following details: AD Group, User ID, Destination Domain, Bandwidth Used, and Time Spent. |
New in Release 7.0
Feature |
Description |
---|---|
AWSR proxy services display events with no WBRS Score in search results |
New filter for no WBRS score (Show WBRS: No Score) is added in the dashboard. With this filter, you can view the search results for AWSR proxy services with no WBRS score. |
Department Membership Reporting displays detailed results for AD Group report |
You can now view the following results for AD group reports under :
|
New in Release 6.6
Feature |
Description |
---|---|
Search in Custom Dashboards |
Searching for data in Custom Dashboards is supported.
|
Export from any page |
You can export data (non graphical data) from any dashboard as a comma-separated values (csv) file, an XML file, or a JavaScript Object Notation (json) file. You must hover over the dashboard data display pane to view this option to download. |
New in Release 6.4
Feature |
Description |
---|---|
Web Tracking Dashboard Updates |
|
New in Release 6.3
Feature |
Description |
---|---|
Splunk Engine Upgrade |
The Splunk engine is upgraded to version 6.6.6. |
New in Release 6.2
Feature |
Description |
---|---|
Cisco Umbrella reports support |
You can point the Cisco Advanced Web Security Reporting application to the private AWS S3 bucket containing logs provided by Umbrella. You can view the reports in the Consolidated Web Security Reports dashboards. |
Splunk Engine Upgrade |
The Splunk engine is upgraded to the latest version. |
Note |
Role based reporting works only on the data models that are not accelerated. Since disabling acceleration increases the time to load reports, enable data model acceleration if role based reporting is not used. See Configuration Best Practices and Restrict Access to Department Reports by Role. |
New in Release 6.1
Feature |
Description |
---|---|
CEF Extractor |
The Common Event Format (CEF) Extractor service lets you transform access logs received from one or more WSAs into CEF-formatted output data. |
Web Security appliance AsyncOS 10.1 support |
Support for changes to Archive Scan access logs, included in the AsyncOS 10.1 for Web Security Appliances release. |
New in Release 6.0
Feature |
Description |
---|---|
Custom Filters |
Define custom searches of the available access, SOCKS and AMP log data, in a process known as “filtering.” |
Web Security appliance AsyncOS 10.0 changes |
AMP enhancements and Referrer header-related support. |
Supported and Unsupported Features
Component |
Supported |
Not Supported |
---|---|---|
Server |
Single-server deployments |
Multiple-server deployments |
Transport Methods |
FTP (files and directories) TCP (syslogs) |
|
|
Integrated PDF generation Scheduled PDF Reporting |
|
Custom Dashboards |
For each predefined report, use Save As Dashboard to create a custom dashboard for selected time range, source type and host (limited). For each custom filter, use Save As Dashboard to create a custom dashboard for selected Filter fields from access, SOCKS or AMP logs. |