KB Article | Forcepoint Support

Problem Description

User Name, Source IP, Connection IP and Workstation filters result as NOT AVAILABLE when you run reports in Forcepoint Cloud Web Security.

An example output: 
User-added image


This is expected to happen when Anonymize end user information is enabled under Account > Privacy Protection > Web Privacy Settings. If you had selected All policies, this applies to all existing policies and any new policies you create in the future. To override all privacy protection selections in the event of a security threat, mark Preserve end user information for security threats.

You can define the attributes that should be anonymized in web reports.
  • By default, User name, Connection IP, Source IP, and Workstation are all selected.
  • When the Connection IP option is selected, the connection name is also anonymized.
  • You can select and clear the options most appropriate for your organization, but at least one check box must be selected.
  • If you are a Forcepoint Mobile Security user, the IMEI number attribute is also available and selected by default. 
  • If you have selected Preserve end user information for security threats, the attributes that you select are not anonymized for any web traffic considered to be a security risk
If you would like to have the data populate in the reports, you should disable the Anonymize End user information and save the changes made. The changes will take effect after 20-30 minutes. 

cws; cloud web security; user; ip; not available; anonymize end user information; web privacy settings; report

Article Feedback

Thank you for the feedback and comments.