Palo Alto Networks provides several options to monitor DNS Security activity to accommodate intelligence retrieval for a range of products that rely on DNS Security and the associated traffic data. Depending on the product platform, you can access high-level dashboards that provide DNS request statistics and usage trends, including context into network activity, to specific DNS request details from specific users in the form of logging data.

The DNS Security dashboard provides a view into your networks DNS query data as well as the ability to drill down into various DNS trends. Each dashboard card provides a unique view into how DNS requests are processed and categorized in a graphical report format. This allows you to see, at a glance, a high-level view of your organization’s DNS usage statistics.

You can also view the logs that are automatically generated when DNS requests are processed. These event files are time-stamped and provide an audit trail when configured to do, based on the DNS category log configuration. DNS log entries can contain various details about the DNS request, including the nature of the DNS threat posed by the associated domain, as well as action taken when the threat was detected.

Palo Alto Networks provides several methods to monitor the DNS Security activity based on your platform.