Forensics

Each stage of the Click-Time Protection process is recorded for forensic and auditing purposes, from the original URL replacement to the result of the time-of-click scan.

Click-Time Protection processes the events as Malicious Url Click and Proceed to Malicious Url.

  • Malicious Url Click event is recorded when a user clicks on the rewritten URL and is redirected to the warning page or block page.

  • Proceed to Malicious Url event is recorded when the user clicks Proceed anyway in the warning page. See Configuring Click-Time Protection Engine.

For multiple recipients, each URL click would generate an event. Events are aggregated by default.