ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
Data Center Security Web Attack Detection Options
Article ID: 169688
Updated On:
Products
Critical System Protection
Data Center Security Monitoring Edition
Data Center Security Server
Data Center Security Server Advanced
Issue/Introduction
When using the built in DCS Windows Detection (IDS) policy, you want to monitor muliptle web access log files under Web Attack Detection Global Settings but see that there is only the option for one path.
Environment
All versions of DCS IDS policies
Resolution
By design, DCS detection policy will only allow monitoring of one log file.
The current workaround to see events from a different log than you specify in the built in policy, is to create a separate text log rule and add the web attack detection rules manually. A separate rule would need to be created for each of the logs you wish to monitor.
Feedback
Yes
No
Powered by
