Botnet connexions and logs

Options
mat17
mat17 Posts: 45  Freshman Member
First Anniversary 10 Comments Friend Collector
Hello,

I got in my daily report an IP blocking from one of my device flagged as a botnet.
I wanted to get more information about it and checked my logs.
So I looked for the botnet IP in my syslog server and couldn't find anything. If I seek for device IP and the datetime the event happened, can't find anything related to this blocked IP.
My question is: does this reputation app also log in the syslog? If yes, is there any particular pattern to seek for these blocks?
Kind regards

All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,462  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options
    Hi @mat17,

    You can see detailed log at "MONITOR > Log > View Log". But those event log have log rotation.
    We would suggest to attach USB stick or using SecuReporter to have more detailed information

Security Highlight