TestDrive

CWS Monitoring Overview

Updated

This section talks about the various monitoring features available with Cloud Web Security

CWS Monitored Areas

In Cloud Web Security > Monitor, you can view the following four monitored areas:

  • Threat Analysis
  • Traffic Analysis
  • CASB Analysis
  • Web Logs

The Threat Analysis dashboard ensures that a user can get detailed visibility into threats. The dashboard displays: 

Review Traffic Analysis

Review Traffic Analysis for visibility into user traffic.

Go to CASB Analysis for a general overview of what categories and apps are being monitored.  

Web Logs

Go to Web Logs. Cloud Web Security automatically logs every session and threat. 

 

View past 60 minutes and filter the view by action is "block."

CWS filtered view

With the filtered view you will see a list of the policies' recently performed actions.

Select one of your blocked actions to view its log entry details.

CWS and Workspace ONE Access

Cloud Web Security Integration with Workspace ONE Access

Instead of unknown or anonymous users listing in Web Logs, Cloud Web Security can be integrated with Workspace ONE Access and other third party IdPs for authentication and username resolution, as seen below. In TestDrive this integration is disabled for security reasons.

Previous Article Cloud Web Security Overview
Next Article SD-WAN QOE Overview