Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Unknown network Traffic

DIandA
New here
‎May 15 2023 12:48 PM
‎May 15 2023 12:48 PM

Unknown network Traffic

Hi - While reviewing the logs for Network-wide>Clients>Usage> Details (pie chart), I see 'Unknown' listed under Destination with a significant amount of Active Time under it. Could you please let me know what kind of website/URL could this be? Also, where can I get to see the detailed web browsing history for each client and potentially download it? Thank You for your help!

DIandA_0-1684180195230.png

 

0 Kudos
Subscribe
2 Replies 2
alemabrahao
Kind of a big deal
Kind of a big deal
‎May 15 2023 1:54 PM
‎May 15 2023 1:54 PM

Normally, this is a application that was not classified by the NBAR.

 

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Next-gen_Traffic_Anal...

 

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/qos_nbar/prot_lib/config_library/pp5900/nbar-prot-...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
a5it
Getting noticed
‎May 15 2023 8:28 PM
‎May 15 2023 8:28 PM

Great questions!

 

Firstly, seeing 'Unknown' under Destination in your usage details is quite common. This usually indicates traffic to or from a destination that Meraki's Layer 7 engine couldn't categorize. This can be due to several reasons, including encrypted traffic that the system can't inspect, internal network traffic, or traffic to less common websites or services that are not in Meraki's database.

 

As to your second question, the Meraki dashboard provides some visibility into client browsing history, but it's not designed to be a comprehensive web history tool. It can show you which categories of websites a client is visiting and the total amount of data used. However, it doesn't provide full URL logs or a detailed breakdown of individual pages visited due to privacy concerns and the large volume of data this would entail.

To access the browsing history for each client:

 

  1. Navigate to Network-wide > Monitor > Clients.
  2. Click on the client for which you want to see browsing data.
  3. Scroll down to the Usage section.

Unfortunately, the Meraki dashboard doesn't support exporting this data directly. If you need more detailed web history or data export capabilities, you may need to look into specialized web filtering or monitoring tools, or consider setting up a syslog server to capture more detailed logs from your Meraki devices.

 

For further assistance or if you have more questions, feel free to ask.

 

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.