Cyber Shield Drill-Down Investigation
You must configure your Cyber Shield Domain Filtering to block specific domain categories. More details on Domain Filtering can be found here: Configuring Cyber Shield Domain Filtering.
Before setting up a drill-down investigation, we also recommend that you refer to this documentation: Cyber Shield Top-10 Dashboard.
Conduct a drill-down investigation
- Access the Cyber Shield page in the Administration portal, and on the Top 10 Dashboard pane select a dashboard view. For this example, we’re using Blocked Domains by Category.
- Toggle the Investigate Mode switch to ON.
- Click one of the category circles on the dashboard. For this example, we’re using Malware.
- The dashboard displays the users that originated any DNS queries that are classified in the Malware category.
- Click on a user to drill down into that data set.
- The dashboard displays the devices on which traffic was blocked because it was flagged by the Malware domain filter.
- You can navigate back to either the Category view or the Malware view by clicking the breadcrumbs.