This section talks about the various monitoring features available with Cloud Web Security
CWS Monitored Areas
In Cloud Web Security > Monitor, you can view the following four monitored areas:
- Threat Analysis
- Traffic Analysis
- CASB Analysis
- Web Logs
The Threat Analysis dashboard ensures that a user can get detailed visibility into threats. The dashboard displays:
Review Traffic Analysis
Review Traffic Analysis for visibility into user traffic.
Go to CASB Analysis for a general overview of what categories and apps are being monitored.
Go to Web Logs. Cloud Web Security automatically logs every session and threat.
View past 60 minutes and filter the view by action is "block."
CWS filtered view
With the filtered view you will see a list of the policies' recently performed actions.
Select one of your blocked actions to view its log entry details.
CWS and Workspace ONE Access
Cloud Web Security Integration with Workspace ONE Access
Instead of unknown or anonymous users listing in Web Logs, Cloud Web Security can be integrated with Workspace ONE Access and other third party IdPs for authentication and username resolution, as seen below. In TestDrive this integration is disabled for security reasons.