Skip to main content

View Application Block Activity in Nebula

Updated: 

View block activity with the Activity Log tab on the Application Block page. This page displays data and trends to understand which applications are being blocked on endpoints. Use this data to adjust your Application Block rules as needed. 

View activity

  1. Log in to Nebula.
  2. In the left navigation menu, go to Monitor > Application Block.
  3. Endpoint activity displays.

The top diagram displays a timeline for all blocked activity within the last 30 days. Click on blocked timeframes to filter the table by blocked activity for this timeframe.  

Endpoint activity

The Activity Log tab displays blocked applications across all your managed endpoints. Blocked records are retained for approximately 90 days. View the following information for each endpoint's activity record:

  • Agent version: Nebula endpoint agent version. 
  • Application data: Name of the application executable blocked on the endpoint. 
  • Blocked at: Time and date the application was blocked.
  • Endpoint: The endpoint hostname with the blocked application.
  • Group: The group of the endpoint.
  • IP Address/CIDR: IP Address or CIDR of the endpoint. 
  • OS platform: The operating system platform of the endpoint.
  • OS release name: The operating system release name of the endpoint.
  • OS type: Whether the endpoint is a Workstation or Server. 
  • OS version: The operating system of the endpoint. 
  • Policy: Policy the endpoint is assigned under.
  • Rule: Block rules assigned to the endpoint.
  • User: User account on the endpoint. 

Sort data in the results list

The Activity Log table helps you manage the available information pulled from your endpoints. Use filters within this table to sort your block activity information into specified results. 

Customize data in the results list in the following ways:

  • Click Add / Remove Columns above the results list to choose which columns to display.
  • Drag and drop certain column headers to the results bar to group data by those parameters.
  • Hover your cursor over a column header to reveal a hamburger iconhamburger.png with options to pin and auto-size columns.

Click on a column filter icon Filters.png to narrow the results. When clicking on the filter icon, the filter list at the top of the screen shows which filters are applied. Click on a filtered item to remove it, or Clear Filters to remove them all.

Export data

Download Application Block activity information to your local machine for auditing purposes or external reporting. 

  1. Select all or check specific boxes for the rows you want to export.
  2. Click Actions > Download .csv or Download .xlsx.

If the data size is too large to download, an email will be sent instead with a link to download the export.

 

Return to Application Block guide for Nebula

Still have questions?

Support is available via chat, phone or by creating a ticket. You can also use our virtual assistant for guided assistance.

Learn more