1. Home
    2. DNS Security
    3. DNS Security Administration
    4. AIOps

    AIOps

    Benign DNS queries that have been analyzed by DNS Security are not displayed in the AIOps log viewer. Log in to your Cortex Data Lake app to access benign DNS log entries.
    1. Use the credentials associated with your Palo Alto Networks support account and log in to the AIOps application on the hub.
    2. Search for DNS queries that have been processed using DNS Security in AIOps.
      1. Select
        Activity
        Logs
        Log Viewer
        .
      2. Constrain your search using the threat filter and submit a log query based on the DNS category, for example,
        threat_category.value = 'dns-c2'
         to view logs that have been determined to be a C2 domain. To search for other DNS types, replace c2 with another supported DNS category (ddns, parked, malware, etc). Adjust the search criteria as necessary for your search, including additional query parameters (such as the severity level and subtype) along with a date range.
      3. Select a log entry to view the details of a detected DNS threat.
      4. The threat
        Category
         is displayed in the
        Details
         pane of the detailed log view. Other relevant details about the threat are displayed in their corresponding windows.

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2023 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo