Assesment for each Security Monitoring logs

Can we create a log assesment fo reach secrity Monitoring logs like in silverline ?

When we want to review the whole traffic which was blocked or alerted we need to review it manually one by one and we have no possibility to take a look on that on file.

Every request from Security Monitoring need to be reviewed manually.

  • Guest
  • Mar 1 2023
  • Attach files
  • Guest commented
    September 20, 2023 09:40

    So, managing the load balancers one by one required a possibility to review the whole blocking process. I'm pretty sure we should have a possibility to review the policy before we put it in blocking mode to find the false positive and tune them accordingly and avoid the blocks from customers or even from application.

    There should be a possibility:

    • to chose the exact timefime from where we want to generate the report,

    • to chose the specific load balancer/ security-policy/client IP/country/ path/ type of attack etc./

    • This should be in readable format and should contain all the necessery information to investigate the traffic,

    • We should have a possibility to download the report or review it directly in service.

  • Admin
    SUDHIR PATAMSETTI commented
    June 14, 2023 23:10

    what is log assessment ? need more details on this capability