I manage several eero networks on a site. Lately i have been getting pressure from above to explain why some devices are getting the "limited connectivity" and essentially getting knocked off the network seemingly randomly throughout the day.  When the device moves to a different network it is able to resume normal operation for a while. 

I look at the weekly digest of all of the threats blocked, and this (and many other) devices are showing up as having attempted to visit a blocked site. However, i can not really push back when they say they didn't because i have no visibility into the actual "offense". 

I suspect it is a false positive, or an ad on one of the sites is tripping the alert. I am almost 100% sure that it is not really the users activity because the automation devices (smart plugs, Amazon Echo [not show]) are some of the devices that are getting blocked. 

I think this would even be useful for the average home user, so they could whitelist any site that is a false positive and give further insight into the function of their network.