DNS Security Dashboard is not displaying data
6039
Created On 07/27/23 01:07 AM - Last Modified 07/28/23 23:13 PM
Symptom
- DNS Security Dashboard in AIOps is showing an error "no data found"
Environment
- AIOps for NGFW
Cause
- Firewalls must have DNS Security enabled and they must be forwarding DNS Security logs via cloud telemetry.
- If those conditions are not met, then the dashboard will show no data
Resolution
- First confirm that the AIOps tenant has firewalls associated under Device Associations:
- Confirm in the AIOps app that the associated devices have a valid DNS Security license:
- On the firewalls, ensure that DNS Security has been properly enabled. Review the requirements in the Enable DNS Security documentation. Specifically ensure these prerequisites are met:
- Firewall has a valid DNS Security license fetched
- Firewall is configured with an Anti-Spyware Profile
- The Anti-Spyware Profile must have DNS Security categories enabled with actions set to alert, block, or sinkhole.
- The Anti-Spyware Profile must be configured in an active security policy rule
- Once the above steps are completed, the firewall should be forwarding DNS Security logs via Telemetry and the dashboard in AIOps should update. You can confirm the DNS Security service on the firewall is active by checking:
firewall> show dns-proxy dns-signature counters request_recv : 5 +5 +5 /sec response_send : 5 +5 +5 /sec