When the RPZ hit rate, which is the ratio of the number of queries that result in modifying the genuine response due to RPZ rules to the total number of incoming queries is high, it is unexpected and might warrant your attention. Note that the queries that hit passthru RPZ rules are not considered for the RPZ hit rate. You can configure thresholds for RPZ hit rate, above which the appliance makes a syslog entry and sends alerts as SNMP traps and email notifications. Note that you must enable notifications in order for the appliance to send SNMP traps and email notifications. For information about setting the SNMP trap and email notifications, see Setting SNMP and Email Notifications on page 1444.
NIOS 8.1NIOS Administrator Guide (Rev. A) 1729
Infoblox DNS Firewall
Note that the appliance calculates the RPZ hit rate globally for all DNS views and sometimes the RPZ hit rate might be misleading. For example, if there are multiple DNS views with or without RPZ rules, there is a possibility that some DNS views might receive a substantial number of normal queries, obscuring the possible high RPZ hit rate in the other DNS views. Also, when the DNS server is configured for both authoritative and recursive queries, it is possible that the authoritative zones receive a substantial number of queries for which RPZ rules are not considered. It might make the resulting RPZ hit rate normal even if there is an excessive number of hit for recursive queries.
To configure the thresholds for RPZ hit rate:
...