What to get URL / web access log info?


i am using "Elastic Defend" and "System" integrations at the moment but i wonder how i can monitor outgoing web requests wih this?

Do i need a different integration to see all browers and web access by apllications / users or system?

Thx for assisting.


As far as I know you need an integration with a source that has that data like Forcepoint or Palo Alto (If your grabbing that data with Palo). Unfortunately Endpoint isn't logging URL request. You can get closer if you search domains as DNS requests/replies are stored in Elastic.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.