Data Center Security Web Attack Detection Options


Article ID: 169688


Updated On:


Critical System Protection Data Center Security Monitoring Edition Data Center Security Server Data Center Security Server Advanced


When using the built in DCS Windows Detection (IDS) policy, you want to monitor muliptle web access log files under Web Attack Detection Global Settings but see that there is only the option for one path. 


All versions of DCS IDS policies


By design, DCS detection policy will only allow monitoring of one log file.  

The current workaround to see events from a different log than you specify in the built in policy, is to create a separate text log rule and add the web attack detection rules manually. A separate rule would need to be created for each of the logs you wish to monitor.