Sophos Community
User
Site
Search
User
Toggle Mobile menu
Community & Product Forums
Blogs
Partners
Events & Webinars
Getting Started
Support Portal
Community Blogs
Application Control
Community
Product documentation
Security
Feedback
Support Portal
Product documentation
Products
Endpoint security
Sophos Endpoint
Sophos XDR
Device Encryption
Sophos Mobile
Network Security
Sophos Firewall
Sophos ZTNA
Sophos Switch
UTM Firewall
Sophos Wireless
Sophos NDR
Email Security
Sophos Email
Phish Threat
Cloud Security
Sophos Central
Sophos Cloud Optix
Support Tools
Sophos integrations
Free tools
AI Solutions
Sophos AI
Services
Management platform
Sophos Professional Services
Sophos Central
Support Portal
Sophos Community log in
Sophos Partners
Partners blog
Local Partner community
Partner news
Resources
MSP guides
Partner Care
Sophos Central
Webinars & Events
Webinars & Events
Calendar
Become a partner
Join our program
Events & Webinars
Events & Webinars
Calendar
Recordings
Getting started in the Community
How to get started
SophosID registration
How to set up your profile
How to contribute and participate
How to manage private messages
Member recognition
Recognition program
Leaderboard
Products and Services
Products
Endpoint security
Sophos Endpoint
Sophos XDR
Device Encryption
Sophos Mobile
Network Security
Sophos Firewall
ZTNA
Sophos Switch
UTM Firewall
Sophos Wireless
NDR
Email Security
Sophos Email
Phish Threat
Cloud Security
Sophos Central
Sophos Cloud Optix
Support Tools
Sophos integrations
Free tools
AI Solutions
Sophos AI
Services
Management platform
Sophos Professional Services
Sophos Central
Support Portal
Sophos Community log in
Blogs
Community Blogs
Application Control
Community
Product documentation
Security
Feedback
Support Portal
Product documentation
Partners
Sophos Partners
Partners blog
Local Partner community
Partner news
Resources
MSP guides
Partner Care
Sophos Central
Webinars & Events
Webinars & Events
Calendar
Become a partner
Join our program
Events & Webinars
Events & Webinars
Events & Webinars
Calendar
Recordings
Getting Started
Getting started in the Community
How to get started
SophosID registration
How to set up your profile
How to contribute and participate
How to manage private messages
Member recognition
Recognition program
Leaderboard
Support Portal
UTM Firewall
Astaro.org (Read-Only)
UTM 9.1 Public Beta
[9.065][MYTH] WAF reporting not working
Forums
Files
Mentions
Sub-Groups
Tags
More
Cancel
New
Thread Info
State
Not Answered
Replies
11 replies
Subscribers
0 subscribers
Views
1784 views
Users
0 members are here
Options
RSS
More
Cancel
Suggested
[9.065][MYTH] WAF reporting not working
utm_kid
over 12 years ago
Hello ,
with 9.060 web application firewall reporting for blocked traffice was work and showing log/report
but with 9.065 its not working
thanks
Parents
0
Billybob
over 12 years ago
Hi, can you post a few lines from the logs of the traffic that was blocked and not counted?
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
Reply
0
Billybob
over 12 years ago
Hi, can you post a few lines from the logs of the traffic that was blocked and not counted?
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
Children
0
utm_kid
over 12 years ago
in reply to
Billybob
Hello Bill,
yes i search for log but could not get log ,but when i did many xss scripts attacks live
log had nothing but one of the scripts was able to show message on ips
from ips log
2013:02:03-16:53:32 acenn snort[6301]: id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion protection alert" action="alert" reason="POLICY-OTHER web server file upload attempt" group="500" srcip="192.168.7.135" dstip="192.168.3.125" proto="6" srcport="44127" dstport="80" sid="5708" class="Misc activity" priority="3" generator="1" msgid="0"
from http log
2013:02:03-16:53:32 acenn httpproxy[6227]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="192.168.7.135" dstip="192.168.3.125" user="" statuscode="404" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="204" request="0xb67f098" url="
www.mydomain.com/.../
if you want i will send you xss cheat sheet
thanks
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
