Detect and Alert on Malicious Traffic: AI Security Log Viewer
Monitor the AI traffic flow between the user apps and AI models.
This page shows the use of AI Network flow logs to flag malicious traffic and
correlate them with cloud assets discovered in the Strata Cloud Manager (SCM) Cloud
Application Command Center.
Licensing Capacity Limit: Limited
to processing up to 10K AI transactions per day per vCPU of AI Runtime Security
instance.
For each security event (Block or Alert) triggered by the AI Security profile,
the traffic logs between server and client are logged. For instance, Data Leak
Detection, URL Security Detection, and Prompt Injection Detection logs. The log includes
traffic details such as the AI model name, CSP region name, AI model CSP region name, AI
incident type, incident subtype, and the AI security profile name. You can also find the
session ID, source, and destination details.
Traffic Details
Click on a log to view the detailed traffic logs showing general information
about the AI Runtime Security, including a session ID, the source and destination of the
traffic, AI Security details such as the model name, the model CSP name, the incident
type, and an incident report ID for troubleshooting.
AI Security Report
Switch to the AI Security Report tab to inspect the content of the AI traffic for
specific AI threat logs:
The Model Protection displays logs for any detected prompt injection
threats.
The Application Protection Shows URL categories and the specific URLs
that triggered these categories.
The Data Protection Lists DLP data patterns that were triggered and the
masked content that caused each pattern to trigger. These logs are categorized
based on low, medium, and high-severity alerts.