Monitor

Under Security > Distributed Cloud Firewall > Monitor, you can filter packet logs for rules with logging enabled to determine why a rule may not be working as intended. You can filter based on the following information: timestamp, rule, source/destination IPs, protocol, source/destination port, action (allowed or dropped), and if the rule is enforced. The table refreshes every 15 seconds, and you can also refresh the table manually.

CoPilot throttles the logs for each connection shown on the Monitor tab to one packet per minute in each direction.