Monitor Activity and Create Custom Reports Based on Threat Categories
Threat categories classify different types of threat signatures to help you understand and draw connections between events threat signatures detect. Threat categories are subsets of the more broad threat signature types: spyware, vulnerability, antivirus, and DNS signatures. Threat log entries display the Threat Category for each recorded event.
- Filter Threat logs by threat category.
- Select MonitorLogsThreat.
- Add the Threat Category column so you can view the Threat Category for each log entry:
- To filter based on Threat Category:
- Use the log query builder to add a filter with the Attribute Threat Category and in the Value field, enter a Threat Category.
- Select the Threat Category of any log entry to add that category to the filter:
- Filter ACC activity by threat category.
- Select ACC and add Threat Category as a global filter:
- Select the Threat Category to filter all ACC tabs.
- Create custom reports based on threat categories to receive
information about specific types of threats that the firewall has
- Select MonitorManage Custom reports to add a new custom report or modify an existingone.
- Choose the Database to use as the source for the custom report—in this case, select Threat from either of the two types of database sources, summary databases and Detailed logs. Summary database data is condensed to allow a faster response time when generating reports. Detailed logs take longer to generate but provide an itemized and complete set of data for each log entry.
- In the Query Builder, add a report filter with the Attribute Threat Category and in the Value field, select a threat category on which to base your report.
- To test the new report settings, click Run Now.
- Click OK to save the report.
Monitor Web Activity of Network Users
Monitor Web Activity of Network Users You can use the ACC, URL filtering reports, and logs that are generated on the firewall to track user ...
Configure Custom URL Filtering Reports
Configure Custom URL Filtering Reports To generate a detailed report that you can schedule to run regularly, configure a custom URL Filtering report. You can ...
Learn More About Threat Signatures
Learn More About Threat Signatures Firewall Threat logs record all threats the firewall detects based on threat signatures ( Set Up Antivirus, Anti-Spyware, and Vulnerability ...
Learn More About and Assess Threats
Learn More About and Assess Threats Features of Threat Vault and AutoFocus are integrated into the firewall to provide visibility into the nature of the ...
Threat Details Monitor > Logs > Threat ACC > Threat Activity Objects > Security Profiles > Anti-Spyware/Vulnerability Protection Use the Threat Details dialog to learn ...
Device > Setup > Telemetry
Device > Setup > Telemetry Telemetry is the process of collecting and transmitting data for analysis. When you enable telemetry on the firewall, the firewall ...
Generate Mobile Network Reports
View daily reports or custom reports on mobile network activity. ...
Create HTTP Header Insertion Entries using Predefined Types
You can create HTTP Header Insertion rules based on types that are predefined by Palo Alto Networks® for popular SaaS applications. ...
URL Filtering Categories
URL Filtering Categories Select Objects Security Profiles URL Filtering Categories to control access to websites based on URL categories. Attach a URL Filtering profile to ...