Monitor WildFire Activity

Depending on your WildFire™ deployment—public, private, or hybrid—you can view samples submitted to WildFire and analysis results for each sample using the WildFire portal, by accessing the firewall that submitted the sample (or Panorama, if you are centrally managing multiple firewalls), or by using the WildFire API.
After WildFire has analyzed a sample and delivered a verdict of malicious, phishing, grayware, or benign, a detailed analysis report is generated for the sample. WildFire analysis reports viewed on the firewall that submitted the sample also include details for the session during which the sample was detected. For samples identified as malware, the WildFire analysis report includes details on existing WildFire signatures that might be related to the newly-identified malware and information on file attributes, behavior, and activity that indicated the sample was malicious.
See the following topics for details on how to monitor WildFire submissions, to WildFire analysis reports for samples, and to set up alerts and notifications based on submissions and analysis results:
The AutoFocus threat intelligence portal provides a different lens through which to view WildFire analysis details for a sample. AutoFocus layers statistics over WildFire analysis data to indicate high-risk artifacts found during sample analysis (such as an IP address or a domain).

Related Documentation