I have a query regarding PAN OS 9.1.5 where i have enabled a file type blocking feature with decryption enabled.
I can find the logs under Data Filtering logs. There i can see what type of file being downloaded and the file name but im not able to find from where the download happened.
My query is I need both the URL name and file name. I tried searching documents for it but not able to find any.
Kindly help me on this concern.
i'm actually not sure: i just reviewed some of my firewalls and I also see many files with no URL information. Maybe because the file is not fetched using a traditional HTTP GET
On the very left side of the log entry is a little magnifying glass. If you click this, it will pop up the log details and at the bottom there will be multiple lines with related logs. If the url filtering profile was hit during the download of the file, a url log will be listed. If you click that, the details will switch to the url log information, containing the URL