Hi All,
I am using Websense web security 7.7.0.
My security specialist has requested a daily scheduled report to show requests filtered through Websense that have been assigned particular sub-categories under 'Security' (e.g. malicious websites, Keyloggers, spyware etc. but not Custom-Encrypted Uploads or Files containing Passwords).
After looking through all the Presentation reports and finding nothing that allows me to generate a detailed list of requests like this, I thought the added flexibility of Investigative reporting would be the way to go. However, I found no way to select multiple subcategories to show in the same report. Either the whole 'Security' category, or single subcategories were my only options.
I attempted to work around Websense reporting shortcomings by changing the risk class definition of "Security Risk" to only include the sub-categories I wanted (removing things like Parked Domains and Freeware/Software download) and was planning to generate a detailed investigative report with the results I needed.
I made the risk class changes last week, and this morning ran an investigative report detailing requests flagged as "security risks" so far today only to find URLs categorised as Freeware/Software downloads or Parked Domains still appearing on the report. I wasn't sure if I needed to 'move' these categories to another risk class but have noticed they already appear in "Productivity Loss" by default.
Is there another setting I have missed to have the reporting provide these unexpected results?