Logging Decryptable Connections with TLS/SSLDecryption Rules

Procedure

Step 1

In the decryption policy editor, click Edit (edit icon) next to the rule where you want to configure logging.

If View (View button) appears instead, the configuration belongs to an ancestor domain, or you do not have permission to modify the configuration.

Step 2

Click Logging.

Step 3

Check the Log at End of Connection check box.

For monitored traffic, end-of-connection logging is required.

Step 4

Specify where to send connection events.

Send events to the event viewer if you want to perform management center-based analysis on these connection events. For monitored traffic, this is required.

Step 5

Click Save to save the rule.

Step 6

Click Save to save the decryption policy.

What to do next

  • Deploy configuration changes.