Distributed Cloud Firewall Monitoring

Under Security > Distributed Cloud Firewall > Monitor, you can filter packet logs for Distributed Cloud Firewall rules that have logging enabled, to determine why a rule may not be working as intended.

You can filter based on the following information: timestamp, rule, source/destination IPs, protocol, source/destination port, action (allowed or dropped), and if the rule is enforced. The table refreshes every 15 seconds, and you can also refresh the table manually.

CoPilot throttles the logs for each connection shown on the Monitor tab to one packet per minute in each direction.

You can click Save View or Save As after filtering your log data. The saved views are then available from a second drop-down on the Performance page.

After selecting a saved view, you can:

  • Clear it and select another saved view

  • Select new metrics/gateways and create or save another view