Cloud Inspector reveals web access footprints based on logs from Firewalls and Web Gateways. It helps administrators keep up-to-minutes intelligence about web applications being accessed by internal users.
This app ingests CIM-compliant logs. Along with its unique cloud reputation service, administrators now are able to understand:
1. The top risky web applications being accessed.
2. The endpoints (users or devices) generate the most access records.
3. Geographic locations of web applications being accessed.
4. Activity comparison with previous periods.
Supported CIM-compliant logs:
This app extracts web sites from site, url or dest field of Common Information Model (CIM) Web data model. The priority is site > url > dest. The following CIM-compliant products(sourcetype) have been verified.
1. Palo Alto (pan:threat)
2. Fortinet FortiGate (fgt_utm)
3. Forcepoint Web Security (websense:cg:kv)