critical alert in SIEM
hello. i have a SIEM software that gets syslog data from a sonicwall 5650. i have GEOIP enabled. i see "attacks" registered from Brazil. if Brazil is blocked, shouldn't these events not even show up and just get dropped? or is this logging showing the drop? thanks.