Newbie ✭
Default Avatar

Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Bill2024e Newbie ✭

Badges (2)

Name DropperFirst Comment


  • So after a bit of digging, it appears I have to use the "Firewall Action" log template ( and then changing the log level to inform, I can see all times that policies are hit and which ones are involved. Thank you!
  • so "remaining IPs" means that there are too many IPs for the firewall to display (due to limits of the firewall's ability to "remember" - i.e. low memory/storage). You should be able to go to the logs and see the details. Personally, I'm using syslog to capture everything and building reports off that as the displays are…
  • I've tried to find more details about the items listed in that image but don't know where/how to dig in and find more. Looking in the logs I see some but not all of the botnet attempts. My expectation would be to see all of them.