Threat in "ZIP", how do you determine what request it was in??

L4 Transporter

Threat in "ZIP", how do you determine what request it was in??

I keep getting a specific threat logged for a "dll" which I suspect may be in a ZIP that has been inspected.

 

I can't seem to find any information on what ZIP it was in so I can corrolate the event with our web filtering system.

 

The threat log does not seem to give me any clues..

 

Cheers

 

Rob

 

 

L7 Applicator

Re: Threat in "ZIP", how do you determine what request it was in??

@RobinClayton,

If you click on the magnifer glass on that entry to get to the detailed log view, you should be able to see additional information that will either help you track down the sessions traffic logs or display the file name outright. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!