Forum Discussion
CirrusASM Security Overview does not match Event Logs
When looking at Security --> Overview --> Summary I am seeing that there are request which are blocked. I am able to view the chart of the blocked request but not the specific request. When looking in Security --> Event Logs --> Application --> Request there are no blocked request.
Should the request which are shown in the Overview show up in Event Logs?
Thanks!
Johnnyx_304575I have a virtual server that has a Applications Security Policy applied to it. While the policy is set to Blocking users are having problems with the website. When I look under Event Logs --> Application there are no events for the website. Where else do I need to look to identify what is causing the site to fail while Blocking is enforced?
Thanks!
I_R_101_110The violations that are being blocked likely have the block flag set but don't have the alert flag set under the Learning and Blocking Settings. Enable the alarm flag on the relevant violations and also ensure that your logging profile is properly configured under the virtual server security tab. At the minimum you'll need to have the illegal request logging profile enabled on the vs.
Dan_PachecoIn the vs security tab, add a logging profile to the vs, then you will see the explicit violations.