Monitor Zero Trust Sessions
Connection Events
After a Zero Trust Application Policy is deployed, new fields are available. To add the fields to the table view:
-
Choose Analysis > Connections > Events.
-
Go to the Table View of Connection Events tab.
-
In the table view of events, multiple fields are hidden by default. To change the fields that appear, click the x icon in any column name to display a field selector.
-
Choose the following fields:
-
Authentication Source
-
Zero Trust Application
-
Zero Trust Application Group
-
Zero Trust Application Policy
-
-
Click Apply.
See Connection and Security-Related Connection Events in the Secure Firewall Management Center Administration Guide for more information on the connection events.
Zero Trust Dashboard
The Zero Trust dashboard allows you to monitor real-time data from active zero trust sessions on the devices.
The Zero Trust dashboard provides a summary of the top zero trust applications and zero trust users that are managed by the management center. Choose Overview > Dashboards > Zero Trust to access the dashboard.
The dashboard has the following widgets:
-
Top Zero Trust Applications
-
Top Zero Trust Users
CLI Commands
Log in to the device CLI and use the following commands:
|
CLI Command |
Description |
|---|---|
|
show running-config zero-trust |
To view the running configuration for a zero trust configuration |
|
show zero-trust |
To display the run-time zero trust statistics and session information |
|
show cluster zero-trust |
To display the summary of zero trust statistics across nodes in a cluster |
|
clear zero-trust |
To clear zero trust sessions and statistics |
|
show counters protocol zero_trust |
To view the counters that are hit for zero trust flow |