Menu

Bill2024e

Newbie ✭
Default Avatar

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Sign In Register

Bill2024e Newbie ✭

Badges (2)

Name DropperFirst Comment
See More

Reactions

0 Promote 1 Helpful 1 Like 0 Spam 0 Abuse

Comments

  • So after a bit of digging, it appears I have to use the "Firewall Action" log template ( and then changing the log level to inform, I can see all times that policies are hit and which ones are involved. Thank you!
    in How to identify which policy is dropping packets. Comment by Bill2024e June 26
  • so "remaining IPs" means that there are too many IPs for the firewall to display (due to limits of the firewall's ability to "remember" - i.e. low memory/storage). You should be able to go to the logs and see the details. Personally, I'm using syslog to capture everything and building reports off that as the displays are…
    in Understanding BotNet Report and Researching Deeper Comment by Bill2024e June 22
  • I've tried to find more details about the items listed in that image but don't know where/how to dig in and find more. Looking in the logs I see some but not all of the botnet attempts. My expectation would be to see all of them.
    in Understanding BotNet Report and Researching Deeper Comment by Bill2024e May 29