Netskope Community
06-19-2023 11:43 AM
I hope this will just be a pointer to the resource...
Is there a repository with more details about what the signatures are. Or a way to see what caused the match? Some of the descriptions are quite vague, and it's hard to determine if an exception should be created.
eg: Sig 20019 "MALWARE-CNC User-Agent known malicious user agent - test"
Solved! Go to Solution.
06-27-2023 08:49 AM
You can use Snort's rule doc search to review signatures. For example, here is info on the signature mentioned above. https://snort.org/rule_docs/1-20019
Please reach out to our support team to assist with a full investigation of the IPS and reason behind it firing.
06-27-2023 08:49 AM
You can use Snort's rule doc search to review signatures. For example, here is info on the signature mentioned above. https://snort.org/rule_docs/1-20019
Please reach out to our support team to assist with a full investigation of the IPS and reason behind it firing.
In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below
Sign In