Audit shows blocked activity as data transfer
Article ID: 184547
Updated On:
Products
CASB Audit
CASB Gateway Advanced
Data Loss Prevention Cloud Package
Cause
The WSS logs a 200 success on the tcp traffic initiating the handshake, but a 403 forbidden on the http/https traffic to load a blocked page.
Environment
WSS integration data source
Resolution
Open a support ticket to request "Ignore CONNECT Traffic" on your WSS data source.
Feedback
Yes
No
Powered by
