Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 2 answers
  • Subscribers 27 subscribers
  • Views 982 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF log after pentestig

Service Informatique2

Hello,

We did a Pentesting for 5 days on your Website which are behind XG WAF Firewall.

In the firewall rule, Advanced, Protection, We create a protection policy with is in Monitor Mode

So now I would like to see if we have log of the Pentesting.

By the GUI, I've tried to generate a report, but I have nothing...

So I go to connect with SSH to my firewall and log at /log/reverseproxy.log but I have many informations.

How can I do to see only bad trafic for a specify period ?

Thank you very much



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to Vishal_R

    Vishal I have some questions :

    Can I increase the size of the reverseproxy.log.0 ?

    In the log,I have many line like :

    [Wed Mar 02 13:51:05.978373 2022] [cookie:error] [pid 16671:tid 140440103700224] [client xx.xx.xx.xx:53022] No signature found

    And :

    [Wed Mar 02 12:19:02.598863 2022] [form_hardening:error] [pid 25351:tid 140439994595072] [client xx.xx.xx.xx:55719] Form validation failed: Received unhardened form data, referer: https://URL/

    Can I do some exceptions for Website ?

Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?