Security Activity Report
The Security Activity report (Reporting > Security Activity) is designed to highlight those Umbrella identities that have events that triggered against one of the security categories configured for the policy.
The security activity could be malware activity, botnet activity, or phishing sites—or more. To find out about each of the individual activities and categories you can report on, click here.
Once you've picked the Security Activity report, you can filter based on security categories by going to the bottom of the sidebar on the left-hand side and selecting Filters > Filter by Security Categories > Choose Security Categories.
Once you've done that, the pop-up will expand to show you the options you can pick from:
Once you've selected your categories, these will show up under your filter:
Tip: To remove a category from the list, just click it.
Once you've selected the categories you'd like a report on, along with the time period and any identity or network filters you'd like, click Run Report.