Closed punisherVX closed 5 years ago
These need to be moved out for future use. The logs are filtered and events are tagged, but until we have a better grasp on where the URL enrichment will come from, we need to push them out.
See ticket #10 in Zube for co-requisites
sdndude said: Parked for 4.0
The only URL filtering event visualizations are in the Threat System Overview dashboard.
Once the structure and code for the URL module is in place, we need reports and dashboard(s) for the URL information much in the same way as we did for DNS.
Ticket #10: Extend SFN to process URL FW events
Currently SFN processes Threat log events with a focus on DNS log messages. We need to extend out capability to also cover process URL events. Initial thinking in
https://github.com/PaloAltoNetworks/safe-networking-sp/issues/82