Project

General

Profile

Feature #9060

add rule name filtering field for firewall log viewer

Added by Ansley Barnes 5 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
10/23/2018
Due date:
% Done:

0%

Estimated time:

Description

It would be very helpful to have a field available in the firewall log filter to search on matched rule name (i.e. Evil_TCP_Port, or Emerging_Threats_List, etc). I run a lot of public wifi networks and pull in various blocklists from different sources to limit the amount of malicious/malware C2 traffic traversing my network, but when I'm trying to track down an individual device to isolate and clean it, it's hard to find if there are a lot of logs (some of these lists have thousands of networks on them, so searching on source or destination isn't really an option, since I'm looking for the list, not the individual address, to narrow things down).

Also available in: Atom PDF