Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Mada
Participant

CVE-2021-44228 - Log4j vulnerability - Log4Shell

Hello CheckMates,

Can somebody check and let me know what kind of filter can be used via Smart-Console (R80.20), only to see the relevant logs details for "CVE-2021-44228 Log4j", just to see if there were any attack attempts or not?

Does also the Firewall blade also see these kind of logs or only the IPS blade?

I've already filtered as below, but not able to see any logs:

blade:IPS CVE-2021-44228 

Is there another way to filter only for "industry_reference"?

A reply would be greatly appreciated.

Thank you in advance!

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

This is an IPS signature, thus Firewall blade alone will not see it.

0 Kudos
(1)
Mada
Participant

Thanks a lot for your feedback.

0 Kudos
the_rock
Champion
Champion

Just do log filter search like this in dashboard -> blade:IPS AND CVE-2021-44228

You will see lots of stuff, for sure.

0 Kudos
(1)
Mada
Participant

Thanks for your feedback.