Trigger Logging or Packet capture based on Application Control

Hi, I would like to log when specific applications are used.

For example, if someone is using google drive, I'd like to log alerts or notifications.

Even better, initiate a packet capture.

Is it possible? How?


  • Options

    The only way that comes to mind is to have Logging enabled on your policies and send the logs to a Syslog server process which can look at the incoming logs for specific matching text in a log record, which would then send an e-mail on a match.

Sign In to comment.