<< PREVIOUS  NEXT >> 

CROSS-SITE REQUEST FORGERY

1. Code: 9

2. Brief Description:Cross-site Request Forgery

3. Sample log message:

   1. CEF format 

       

      Jul 20 07:46:53 10.16.4.112 CEF: 1|Virsec Security Platform|Virsec|1.3.0|9|CSRF|8|EventId=VS-CSRF-072020-T00009|Application_Name=PHP_Webgoat 7.0 Server_Name=ubuntu16 Incident_Level=THREAT Incident_Category=WEB_ATTACK Incident_Type=CSRF Incident_Timestamp=20 Jul 2020 11:47:01 AM UTC Session token id=<NO SESSION> Attacker IP=10.16.4.50 User=guest HTTP Request=/mode/single/challenges/XSS1/ pid=13485 description=CSRF category=Web Attack eventTime=2020-07-20 04:47:04 tid=13485

   2. CEF - Fixed Key Definition format 

       

      Sep  8 12:14:18 10.16.6.4 CEF: 1|Virsec Security Platform|Virsec|1.4.0|9|CSRF|8|EventId=VS-CSRF-090820-T00127|cs1Label=Application_Name cs1=RHEL_webgoat_17 8 cs2Label=Server_Name cs2=rhelwebgoat_17 cs3Label=Incident_Level cs3=THREAT cs4Label=Incident_Category cs4=WEB_ATTACK cs5Label=Incident_Type cs5=CSRF cs6Label=Incident_Timestamp cs6=08 Sep 2020 04:15:45 PM UTC cs7Label=Session token id cs7=4E5A6AB4D7598AEBA5FD61635F7B99AE cs8Label=Attacker IP cs8=10.16.3.114 cs9Label=User cs9=webgoat cs10Label=HTTP Request cs10=http://10.16.6.17:8081/webgoat/attack cs11Label=pid cs11=15802 cs12Label=description cs12=CSRF cs13Label=category cs13=Web Attack cs14Label=eventTime cs14=2020-09-08T04:15:26.026-04:00 cs15Label=tid cs15=28

<< PREVIOUS  NEXT >>