Summary
In this chapter, you learned where to find all the different types of log files and how aggregated information can lead to identifying a botnet. You can now perform a packet capture using filters to capture only what you need. You can interpret a session on the firewall and identify key attributes, such as the NAT direction, the end reason, and the timeout settings. You can verify whether the firewall has connectivity to all its cloud services and whether an anticipated flow will hit all the intended policies using the troubleshooting tool. You can also perform key tasks such as a factory reset or loading a different configuration file from Maintenance Mode.
In the next chapter, we will take what you have learned in this chapter to the next level by using the packet capture filters to analyze global counters and look at the actual flow as it goes through the firewall and is touched by different processes.