Querying the Violation Log

Procedure

  1. Go to Logs & Reports > Log Query > Violation Log.
  2. Select a Time Period or Custom Range by which to filter the log.
  3. Specify the following parameters:
    • Source address: IP address that is the source of the violation.
      Note
      Only the Source address field accepts an IP address segment in queries. If no IP address is specified, all IP addresses are queried. If a full IP address is specified, only violations from that source IP are queried. If an IP address segment is used (for example, "1.1.1"), Deep Edge treats it as an IP address prefix (addresses in "1.1.1.1~1.1.1.254" will match).
    • Destination address: IP address that is the destination of the violation.
    • Violation Type: Select Any or one of the following:
      • Firewall
      • IPS
      • Anti-malware
      • WRS
      • Anti-spam
      • URL Blacklist
      • Botnet
      • File Extension Blacklist
      • Anti-DoS
      • HTTPS Cert Error
      • Client Cert Block
    • Source User: Select a user name or group name.
    • Application: Select Any or a specific application name to track that application.
    • Action: Select Any, or select Allow, Block, Monitor, Tag, or Quarantine to track a specific action.
    • Policy: Select Any, Default, or a specific policy name to track that policy.
    • Mail Sender: Specify the email address of a mail sender.
    • Mail Recipient: Specify the email address of a mail recipient.
  4. Click Query, Print or Export to CSV.
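
The Source address rule from the note in step 3, applied offline to an exported log. This is an added example, not part of the product documentation: the CSV column names and sample rows are constructed assumptions, and the handling of segments shorter than three octets is an assumption the page does not cover.

```python
import csv
import io

# Constructed sample of an exported violation log. The column names are
# assumptions; the page does not show the CSV layout.
SAMPLE_CSV = """source,destination,violation_type,action
1.1.1.7,10.0.0.5,IPS,Block
1.1.10.7,10.0.0.5,Firewall,Block
1.1.1.254,10.0.0.9,Botnet,Monitor
1.1.1.255,10.0.0.9,Anti-DoS,Block
11.1.1.3,10.0.0.5,WRS,Allow
"""


def source_matches(query, address):
    """Mirror the Source address rule described in the note."""
    query = query.strip().rstrip(".")
    if not query:
        return True                      # no address: query all sources
    q = query.split(".")
    a = address.strip().split(".")
    if len(a) != 4 or not all(p.isdigit() and int(p) <= 255 for p in a):
        return False                     # skip malformed rows
    if len(q) == 4:
        return q == a                    # full address: exact match only
    if a[:len(q)] != q:
        return False                     # compare whole octets, not characters
    # The page gives 1.1.1.1~1.1.1.254 for "1.1.1", so a three-octet
    # segment leaves out host octets 0 and 255.
    if len(q) == 3:
        return 1 <= int(a[3]) <= 254
    return True                          # assumption: shorter segments match any remainder


def filter_by_source(csv_text, query):
    """Return the rows whose source column satisfies the query."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return [r for r in rows if source_matches(query, r["source"])]


if __name__ == "__main__":
    for row in filter_by_source(SAMPLE_CSV, "1.1.1"):
        print(row["source"], row["violation_type"], row["action"])
```

Comparing whole octets keeps "1.1.1" from matching 1.1.10.7 or 11.1.1.3, which a plain string prefix test would get wrong.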