Forensics
Each stage of the Click-Time Protection process is recorded for forensic and auditing purposes, from the original URL replacement to the result of the time-of-click scan.
Click-Time Protection processes the events as Malicious Url Click and Proceed to Malicious Url.
-
Malicious Url Click event is recorded when a user clicks on the rewritten URL and is redirected to the warning page or block page.
-
Proceed to Malicious Url event is recorded when the user clicks Proceed anyway in the warning page. See Configuring Click-Time Protection Engine.
For multiple recipients, each URL click would generate an event. Events are aggregated by default.