Solved: Thank you fpr your anwer,

cisco · ‎11-07-2016

Hi,

I am working with setting up a Firepower-system on a ASA5525X. I have enabled blocking of some URL-categories, this is working fine and I can see that a number of connections to forbiddel categories are stopped. But how can I drill this down and see what internal hosts are trying to access forbiddel URLs? Any standard reports or dashboards that gives this information?

Regards,

Thor-Egil

Boris Uskov · ‎11-07-2016

Hello, what do you use for configuration of FirePOWER module? ASDM or FirePOWER Management Center (FMC)? In FMC you can get detailed information about every transaction in tab Analysis -> Connection -> Events. Please, see the attach.

But first, you need to configure logging in the Access Policies.

View solution in original post

Boris Uskov · ‎11-07-2016

Hello, what do you use for configuration of FirePOWER module? ASDM or FirePOWER Management Center (FMC)? In FMC you can get detailed information about every transaction in tab Analysis -> Connection -> Events. Please, see the attach.

But first, you need to configure logging in the Access Policies.

cisco · ‎11-07-2016

Thank you fpr your anwer, this was what I was looking for.

Br,

Thor-Egil

Firepower URL-blocking - how to see hosts?