Threat in "ZIP", how do you determine what request it was in??

Announcements

Changes to the LIVEcommunity experience are coming soon... Here's what you need to know.

Reply
RobinClayton
L4 Transporter

Threat in "ZIP", how do you determine what request it was in??

I keep getting a specific threat logged for a "dll" which I suspect may be in a ZIP that has been inspected.

 

I can't seem to find any information on what ZIP it was in so I can corrolate the event with our web filtering system.

 

The threat log does not seem to give me any clues..

 

Cheers

 

Rob

 

 

BPry
Cyber Elite

@RobinClayton,

If you click on the magnifer glass on that entry to get to the detailed log view, you should be able to see additional information that will either help you track down the sessions traffic logs or display the file name outright. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!