Log successful and unsuccessful TLS handshakes and forward
logs to appropriate storage and administrators for analysis.
The firewall generates Decryption logs for
sessions governed by a
Decryption policy,
including sessions with a No Decrypt policy. Configure Decryption
logging in the Decryption policy that controls the traffic that
you want to log.