Depending on your WildFire™ deployment—public, private, or hybrid—you can view samples submitted to WildFire and analysis results for each sample using the WildFire portal, by accessing the firewall that submitted the sample (or Panorama, if you are centrally managing multiple firewalls), or by using the WildFire API.

After WildFire has analyzed a sample and delivered a verdict of malicious, phishing, grayware, or benign, a detailed analysis report is generated for the sample. WildFire analysis reports viewed on the firewall that submitted the sample also include details for the session during which the sample was detected. For samples identified as malware, the WildFire analysis report includes details on existing WildFire signatures that might be related to the newly-identified malware and information on file attributes, behavior, and activity that indicated the sample was malicious.

See the following topics for details on how to monitor WildFire submissions, to WildFire analysis reports for samples, and to set up alerts and notifications based on submissions and analysis results:

About WildFire Logs and Reporting

Use the Firewall to Monitor Malware

Use the WildFire Portal to Monitor Malware

Use the WildFire CLI to Monitor the WildFire Appliance

WildFire Analysis Reports—Close Up

The AutoFocus threat intelligence portal provides a different lens through which to view WildFire analysis details for a sample. AutoFocus layers statistics over WildFire analysis data to indicate high-risk artifacts found during sample analysis (such as an IP address or a domain).

Document:WildFire Administrator's Guide

Monitor WildFire Activity

Table of Contents

Monitor WildFire Activity

Most Popular

Recommended For You

Document:WildFire Administrator's Guide

Monitor WildFire Activity

Table of Contents

Monitor WildFire Activity

Most Popular

Recommended For You

Recommended Videos