AIOps

Use the credentials associated with your Palo Alto Networks support account and log in to the AIOps application on the hub.
From the
Activity
Dashboards
homepage, open the DNS Security dashboard.
From the dashboard, configure your filter options using the available drop downs.

Filter by time range—Select from
Last hour
,
Last 24 hours
,
Last 7 days
, or
Last 30 days
to display data for a specific time-frame.
Filter by DNS category—Select from
C2 (DGA, Tunneling, other C2
),
Malware
,
Newly Registered Domain
,
Phishing
,
Dynamic DNS
,
Allow List
,
Benign
,
Grayware
,
Parked
,
Proxy
, and
Any Category
, to filter the data set based on a DNS type.
The Allow List category is a list maintained by Palo Alto Networks of explicitly allowable domains based on metrics from PAN-DB and Alexa. These allow list domains are frequently accessed and known to be free from malicious content.
Filter by DNS action—Select from
Allow
),
Block
, and
Sinkhole
to filter based on the action taken on a DNS query based on your DNS Security profile action settings.
Optionally, you can also Download, Share, and Schedule Activity Reports.
You can re-contextualize, interact, and pivot from the data provided by the dashboard cards. For an overview of each of the DNS Security dashboard cards, see DNS Security Dashboard cards.