i need to know which computer triggered each block.
i got this from the report
Victim IP addresses Unavailable
Victim hostname Unknown"
Destination port 443
DNS watch only says the firebox blocked the site.
Frustrating I know.
It's usually something simple.
If you have DNSWatch enabled on the firewall itself, we should be able to look at the corresponding firewall logs in order to do this.
The log from the DNSWatch service itself only sees the request to the blackhole IPs from your external IPs. You need the corresponding firewall logs to get more information here.
WatchGuard Customer Support