Gain Insights into Policy Attributes Blocking User Access
Access Analyzer enables you to troubleshoot the security policy and the attributes that contributed to blocking a user's access to an application.
Where Can I Use This?
  • Prisma Access (Managed by Strata Cloud Manager)
What Do I Need?
  • ADEM license
Access Analyzer provides clear visibility into the specific attributes evaluated when a policy rule is matched.
You can identify:
  • Which user attributes contributed to policy enforcement
  • If the user belonged to multiple user groups that triggered the match
  • If a Host Information Profile (HIP) was applied
  • If recent policy rule changes caused the policy enforcement
  • The time of events that matched the security policy rule in traffic logs
To get insight into the security policy blocking a user's access:
  1. Start a query for the users whose access you're interested in. For example, the following query allows admins to determine whether a user has hindered or blocked access to a particular application.
    Can mobile user <name> access <application> from prisma access location <location-name> using device <device name>
    Click Analyze to view query results.
  2. Under Results, click Security Policy (Based on Logs) to view the logs.
  3. From the Traffic logs, click Expand for Policy Insights > Policy Insights to analyze the policy changes that caused the enforcement.
  4. Review the Summary to see the attributes (such as the user group that triggered the policy and the HIP profile) that contributed to the policy enforcement.
    Click the HIP profile to view the details of the profiles that matched the policy rule.
  5. To understand what caused the change in policy enforcement, click the Change Comparison tab. Here you can compare the current policy configuration with the version that was active right before the enforcement change was logged.