Home
EN
Location
Documentation Home
Palo Alto Networks
Support
Live Community
Knowledge Base
>
Clear
View DNS Security Logs (NGFW (Managed by PAN-OS or Panorama))
Updated on
Thu May 02 23:04:47 UTC 2024
Focus
Download PDF
Updated on
Thu May 02 23:04:47 UTC 2024
Focus
Home
Advanced DNS Security
Monitor DNS Security Subscription Services
View DNS Security Logs
View DNS Security Logs (NGFW (Managed by PAN-OS or Panorama))
Download PDF
Advanced DNS Security
PAN-OS
Table of Contents
Filter
Expand All
|
Collapse All
Advanced DNS Security
Administration
View DNS Security Logs (
NGFW (Managed by PAN-OS or Panorama)
)
Log in to the PAN-OS web interface.
Search for activity on the firewall for queries that have been processed using DNS Security.
Select
Monitor
Logs
Threat
and filter based on the DNS category.
Consider the following examples:
( category-of-threatid eq dns-c2 )
to view logs that have been determined to be a C2 domain by DNS Security.
( category-of-threatid eq adns-hijacking )
, whereby the variable
adns-hijacking
indicates DNS queries that have been categorized as a malicious DNS hijacking attempt by Advanced DNS Security.
To search for other DNS types, replace c2 with another supported DNS category (ddns, parked, malware, etc).
Select a log entry to view the details of a detected DNS threat.
The threat
Category
is displayed in the
Details
pane of the detailed log view. Other relevant details about the threat are displayed in their corresponding windows.
Recommended For You