How do i create a custom App-ID if i can't see any pattern on the captured packets? The pcap data seems to be encrypted. For example, i was trying to create a custom app-id for the game Clash Of Clans and i can't seem to find any pattern at all.
App ID works of regular expression so you do have to find a pattern of some sort.
I would submit a request for a new official App-ID using these instructions.
Then contact your sales engineer to see if there is a way they can goose the process.
You can also look to use old fashion methods. See if the game has a known set of ip addresses you can simply block with a standard rule in the mean time.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!