The other licenses needed to view the Activity Insights:
Domains tab are:
Strata Logging Service
Advanced URL Filtering license
Advanced DNS Security or Advanced DNS Resolver license
The Domains page consolidates information to provide
a unified view of domain activity. This view summarizes the domain and URL activity
in your Prisma Access, NGFW, and standalone resolver deployments that the Advanced URL Filtering, Advanced DNS Security, and Advanced DNS Security Resolver services
have detected. You can get visibility into the total number of domains detected in
your network during the specified time period, the breakdown of these domains by
category and risk level, and use the filtering options to filter the view in the
dashboard.
Domain activity presented in Activity Insights can take up to 30 minutes to
populate after logs are forwarded to the Strata Logging service.
Use the data to:
Identify the most accessed domain categories, unique domains
within each category, and domain history in your network along with global
analysis findings. Based on the malicious domains filtered by the URL
Filtering and DNS Security services, these domain categories are likely to
expose your network to malicious and exploitative content. It's a best
practice to block these domains and URL categories.
Review the high-risk domains, their impact on users, applications, and
rules. High-risk domains are not always malicious; however, they might
still expose your network to threats. Consider targeting these sites
with strict decryption and Security policy
rules.
Analyze domain information from both URL Filtering and DNS Security,
providing a comprehensive view of domain activity across your network.
Examine malicious domains detected by both services to enhance your
threat prevention strategies.
(Advanced DNS Security Resolver) You can constrain the scope of
the search to display domains that have been processed by the Advanced
DNS Security Resolver.
Reports—You cannot generate reports that cover the data in this view.