Prisma Access

  1. Use the credentials associated with your Palo Alto Networks support account and log in to the Prisma Access application on the hub.
  2. From the
    Activity
    Dashboards
    homepage, open the DNS Security dashboard.
  3. From the dashboard, configure your filter options using the available drop downs.
    1. Filter by time range—Select from
      Last hour
      ,
      Last 24 hours
      ,
      Last 7 days
      , or
      Last 30 days
      to display data for a specific time-frame.
    2. Filter by DNS category—Select from
      C2 (DGA, Tunneling, other C2
      ),
      Malware
      ,
      Newly Registered Domain
      ,
      Phishing
      ,
      Dynamic DNS
      ,
      Allow List
      ,
      Benign
      ,
      Grayware
      ,
      Parked
      ,
      Proxy
      , and
      Any Category
      , to filter the data set based on a DNS type.
      The Allow List category is a list maintained by Palo Alto Networks of explicitly allowable domains based on metrics from PAN-DB and Alexa. These allow list domains are frequently accessed and known to be free from malicious content.
    3. Filter by DNS action—Select from
      Allow
      ),
      Block
      , and
      Sinkhole
      to filter based on the action taken on a DNS query based on your DNS Security profile action settings.
  4. You can re-contextualize, interact, and pivot from the data provided by the dashboard cards. For an overview of each of the DNS Security dashboard cards, see DNS Security Dashboard cards.

Recommended For You