This section talks about the various monitoring features available with Cloud Web Security (CWS).
CWS Monitored Areas
In Cloud Web Security > Monitor, you can view the following four monitored areas:
- Threat Analysis
- Traffic Analysis
- CASB Analysis
- Web Logs
The Threat Analysis dashboard ensures that a user can get detailed visibility into threats. The dashboard displays:
Review Traffic Analysis
Review Traffic Analysis for visibility into user traffic.
Go to CASB Analysis for a general overview of what categories and apps are being monitored.
View Web Logs
Go to Web Logs. Cloud Web Security automatically logs every session and threat.
View past 60 minutes and filter the view by action is "block."
Web Logs Filtered View
With the applied filtered view you will see a list of the policies' recently performed actions.
Select one of your "blocked" actions to view its log entry details.
CWS and Workspace ONE Access
Cloud Web Security Integration with Workspace ONE Access
Instead of unknown or anonymous users listing in Web Logs, Cloud Web Security can be integrated with Workspace ONE Access and other third party IdPs for authentication and username resolution, as seen below. In TestDrive this integration is disabled for security reasons.