Information
Enable logging on built-in default security policies 'intrazone-default' and 'interzone-default'
Rationale:
By default, these default security policies does not have logging enabled. This enables SOC or security analyst to do further investigations on security incidents especially on threat hunting or incident response activities.
Solution
Navigate to Policies > Security
Go to default policies intrazone-default and interzone-default. On Actions tab, enable Log at Session End on log setting.
Default Value:
Disabled