Project

General

Profile

Feature #9060

add rule name filtering field for firewall log viewer

Added by Ansley Barnes over 1 year ago. Updated 11 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Logging
Target version:
-
Start date:
10/23/2018
Due date:
% Done:

0%

Estimated time:

Description

It would be very helpful to have a field available in the firewall log filter to search on matched rule name (i.e. Evil_TCP_Port, or Emerging_Threats_List, etc). I run a lot of public wifi networks and pull in various blocklists from different sources to limit the amount of malicious/malware C2 traffic traversing my network, but when I'm trying to track down an individual device to isolate and clean it, it's hard to find if there are a lot of logs (some of these lists have thousands of networks on them, so searching on source or destination isn't really an option, since I'm looking for the list, not the individual address, to narrow things down).

History

#1 Updated by Jim Pingle 11 months ago

  • Category set to Logging

Also available in: Atom PDF