Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
phoenix220820
Explorer

Stop Logging DNS Reputation traffic

Is there a way to stop the Firewall Logging the DNS Reputations traffic.

We are using a SIEM System and we see alot of DNS Reputation traffic and was wondering if there is a way to stop the Firewall Logging this traffic between certain Source and Destination IP Addresses.

 

I have checked adding in a Exception in the Threat Prevention Policy but there is no option for DNS Reputation or DNS Trap.

 

We do not want to disable DNS Trap just stop logging the traffic between certain Source and Destination IP Addresses.

0 Kudos
7 Replies
Chris_Atkinson
Employee Employee
Employee

Have you explored the filtering options with Log Exporter, or are you using another method for output of the logs to your SIEM?

Refer sk122323

CCSM R77/R80/ELITE
0 Kudos
phoenix220820
Explorer

We are wanting to stop logging this traffic on the Firewall, so we do not see these Logs in "Logs & Monitor"

 

0 Kudos
the_rock
Legend
Legend

Is this what you might be looking for? I just picked random protection, but you get the idea...

Andy

 

Screenshot_1.png

phoenix220820
Explorer

Something like that or even adding an Exception in the Threat Prevention Policy.

0 Kudos
phoenix220820
Explorer

Hi

Instead if there a way to disable DNS Trap between certain IP Addresses?

 

0 Kudos
phoenix220820
Explorer

Is there a way to disable DNS Trap between certain IP Addresses?

0 Kudos
Chris_Atkinson
Employee Employee
Employee

Just to confirm you've configured DNS malware trap to be aware of your DNS servers so as to not flag those correct?

CCSM R77/R80/ELITE
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events