Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
biskit
Advisor

Anti-Bot Correlated Logs

When I filter on Blade:Anti-Bot all I see is this.  When I open a log card I have no meaningful information.  What is causing these logs? 

Should I worry, or just ignore them? 

If I should worry - why? 

If I should ignore them - how do I stop them from happening in the first place?

AB.png

0 Kudos
4 Replies
Bjoern_Baumann
Participant

Have you managed to figure out the meaning of these logs?

0 Kudos
biskit
Advisor

Nope!  I'd still like to though.

I'm upgrading this particular system later this week from R80.40 to R81.10 so I'll see if that makes any difference...

0 Kudos
Timothy_Hall
Legend Legend
Legend

My first impression is that these correlated logs were just showing anti-bot scanning statistics (Scan Hosts ...), but the presence of "CU (Correlation Unit) Rule" means that it has something to do with SmartEvent.  Looks like a false positive, see here: sk105300: SmartEvent Server sends out email alerts for Anti-bot detection with no corresponding logs...

 

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com
0 Kudos
Bernhard0815
Explorer
Explorer

Were you able to fix this issue?

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events