About WildFire Logs and Reporting

Table of Contents

Use the WildFire Appliance to Monitor Sample Analysis Status

About WildFire Logs and Reporting

Where Can I Use This?	What Do I Need?
WildFire Appliance	WildFire License

You can monitor WildFire appliance logs on the firewall, with the WildFire portal, or with the WildFire API.

For each sample WildFire analyzes, WildFire categorizes the sample as malware, phishing, grayware, or benign and details sample information and behavior in the WildFire analysis report. WildFire analysis reports can be found on the firewall that submitted the sample and the WildFire cloud (public or private) that analyzed the sample, or can be retrieved using the WildFire API:

On the firewall—All samples submitted by a firewall for WildFire analysis are logged as WildFire Submissions entries (MonitorWildFire Submissions). The Action column in the WildFire Submissions log indicates whether a file was allowed or blocked by the firewall. For each WildFire submission entry you can open a detailed log view to view the WildFire analysis report for the sample or to download the report as a PDF.
On the WildFire portal—Monitor WildFire activity, including the WildFire analysis report for each sample, which can also be downloaded as a PDF. In a WildFire private cloud deployment, the WildFire portal provides details for samples that are manually uploaded to the portal and samples submitted by a WildFire appliance with cloud intelligence enabled.

The option to view WildFire analysis reports on the portal is only supported for WildFire appliances with the cloud intelligence feature is enabled.
With the WildFire API—Retrieve WildFire analysis reports from a WildFire appliance or from the WildFire public cloud.

Monitor WildFire Appliance Activity

Use the WildFire Appliance to Monitor Sample Analysis Status