You can monitor WildFire appliance logs on the firewall, with
the WildFire portal, or with the WildFire API.
For each sample WildFire analyzes, WildFire categorizes the sample
as malware, phishing, grayware, or benign and details sample information
and behavior in the WildFire analysis report. WildFire analysis reports can
be found on the firewall that submitted the sample and the WildFire
cloud (public or private) that analyzed the sample, or can be retrieved
using the WildFire API:
On the firewall—All samples
submitted by a firewall for WildFire analysis are logged as WildFire
Submissions entries (
Action column in the WildFire Submissions log indicates whether
a file was allowed or blocked by the firewall. For each WildFire
submission entry you can open a detailed log view to view the WildFire
analysis report for the sample or to download the report as a PDF.
On the WildFire portal—Monitor
WildFire activity, including the WildFire analysis report for each
sample, which can also be downloaded as a PDF. In a WildFire private
cloud deployment, the WildFire portal provides details for samples
that are manually uploaded to the portal and samples submitted by
a WildFire appliance with cloud intelligence enabled.
option to view WildFire analysis reports on the portal is only supported
for WildFire appliances with the cloud intelligence feature is
With the WildFire API—Retrieve
WildFire analysis reports from a WildFire appliance or from the
WildFire public cloud.