Project

General

Profile

Actions

Feature #9060

open

add rule name filtering field for firewall log viewer

Added by Ansley Barnes about 6 years ago. Updated over 5 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Logging
Target version:
-
Start date:
10/23/2018
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

It would be very helpful to have a field available in the firewall log filter to search on matched rule name (i.e. Evil_TCP_Port, or Emerging_Threats_List, etc). I run a lot of public wifi networks and pull in various blocklists from different sources to limit the amount of malicious/malware C2 traffic traversing my network, but when I'm trying to track down an individual device to isolate and clean it, it's hard to find if there are a lot of logs (some of these lists have thousands of networks on them, so searching on source or destination isn't really an option, since I'm looking for the list, not the individual address, to narrow things down).

Actions #1

Updated by Jim Pingle over 5 years ago

  • Category set to Logging
Actions

Also available in: Atom PDF