This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Mada
Participant
‎2021-12-15 08:34 AM

CVE-2021-44228 - Log4j vulnerability - Log4Shell

Hello CheckMates,

Can somebody check and let me know what kind of filter can be used via Smart-Console (R80.20), only to see the relevant logs details for "CVE-2021-44228 Log4j", just to see if there were any attack attempts or not?

Does also the Firewall blade also see these kind of logs or only the IPS blade?

I've already filtered as below, but not able to see any logs:

blade:IPS CVE-2021-44228 

Is there another way to filter only for "industry_reference"?

A reply would be greatly appreciated.

Thank you in advance!

0 Kudos
4 Replies
PhoneBoy
Admin
Admin
‎2021-12-15 10:35 AM

This is an IPS signature, thus Firewall blade alone will not see it.

0 Kudos
(1)
Mada
Participant
‎2021-12-15 10:26 PM
In response to PhoneBoy

Thanks a lot for your feedback.

0 Kudos
the_rock
Legend
Legend
‎2021-12-15 03:56 PM

Just do log filter search like this in dashboard -> blade:IPS AND CVE-2021-44228

You will see lots of stuff, for sure.

0 Kudos
(1)
Mada
Participant
‎2021-12-15 10:26 PM
In response to the_rock

Thanks for your feedback.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events