Malicious domains in SLR report cannot see in threat log

Reply
Highlighted
L4 Transporter

Malicious domains in SLR report cannot see in threat log

Hi Community,

 

I am facing a strange issue that i cannot see the malicious domains showed in SLR report (under DNS security section) in my firewall threat logs. i can see DNS queries trying to resolve some other domains.

But the interesting thing is, once i try to create SLR using same dumb file but selecting another country while generating the SLR in portal, i can see another malicious domain access and this domain is available in threat logs.

I am wondering why different info just by selecting different countries while generating. Other informations are same.

 

Also is malware family is something SLR auto populates by considering the malware family these domains mostly use ?. Because the malware family info cannot be seen in threat logs

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!