Use Cases

Someone at your company observed a visiting vendor, who was logged into your guest network, browsing offensive Web locations. You want to run a report for that day so you can forward it to the vendor and ask that future visitors refrain from such activity.
You suspect a particular client is infected with malware and you want to see a detailed report for all activity as it relates to that client.
You want a browsing behavior breakdown for one specific user.

Procedure

Two locations provide access to the
Forensic Report
:
Any
Dashboard
link, select
Common Tasks > Report Tasks > Forensic Report
.
The
Report Center
page, select
New Report > New Forensic Report
.
In the New Forensic Report dialog, enter the generation criteria. You can select any or all of the options.

Select a
User
; if you know the username, begin typing to use auto-fill. This examples looks for
unauthenticated users
.
To restrict the report to a single client, select or enter a
Client IP
.
To restrict the report to single
Category
, select or enter one. This example displays results for unauthenticated users who browsed
Adult/Mature Content
sites.
To restrict the report to a known destination
Site
, select or enter one.
To specify a time frame of user activity, select a
Date is
option. This example uses the
Custom
option and isolates the day when the visitor was on campus.
Click
Run Report
.

If the report does not display the desired data set, select
Reports > Close Current
and repeat the procedure with other search criteria.
If the report satisfies your needs, save and disperse as required. See What Can I Do With Reports?.