![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Yeah, but how it normally works is it just decrypts, scans, then re-encrypts and passes it on. If I start digging that deep it takes up a crapload of storage space to log it all and that gets expensive fast. The basic logs are already at 60GB a month, adding those extra features can easily triple it, and the Ministry wants me to keep my logs for a year at a time to upload and submit to their usage pools so they can track metrics and usage to blah blah blah blah. So I only turn on in-depth logging if I get asked to track somebody specifically, or if I am finding too many flags coming from a specific account and even then I need to get permission first (I don't like acting unilaterally even if I am the whole department). But yes Palo Alto gives a lot of tools to keep people and data safe.
A side note from today's analysis is a lot of traffic poking around from Kazakhstan, which is weird AF wouldn't normally add them on the list of places to watch out for, it's all getting dropped but it certainly made me do a double-take when I checked it over coffee this morning.
