Skip to main content

Skyhigh Security is launching standalone documentation portals to support Japanese, German, and French languages. We are not supporting auto-translation. Stay tuned for further updates. Thanks for your support.

Skyhigh Security

How CSR Works

Content Security Reporter (CSR) uses several elements that work together to provide reporting capabilities.

Content Security Reporter workflow

To successfully set up, use, and maintain CSR, understand the role for each component.


Number Description
1 On managed systems, an alert or event occurs. Depending on your configuration, the alert or event is logged to the CSR database.

The CSR database saves the alert, authentication, email, and web data.


Secure Web Gateway captures and logs the web event. It sends the logs to the CSR database.


Advanced Threat Defense captures and logs the event. It sends the logs to the CSR database.

3 A CSR query retrieves data from its database and defines how it is displayed.
4 A CSR filter limits the data to specific users, websites, and threat reputations. The data is displayed in the Trellix ePO.

Dashboard — Organizes your data in a customized view to provide detailed information for analysis.

5b Report — Combines queries, filters, and other elements into a PDF to provide detailed information for analysis.
  • Was this article helpful?