<< PREVIOUS  NEXT >> 

NG-WAF ATTACKS

DOS PROTECTION

1. Code: 11

2. Brief Description: DOS Protection

3. Sample log message:

   1. CEF format 

       

      Aug  5 19:06:19 10.15.3.46 CEF: 1|Virsec Security Platform|Virsec|1.3.6|11|DOS Protection|10|EventId=VS-DOSP-080520-A00019|Application_Name=Ubuntu14_NGWAF_job1 1 Server_Name=ubuntu-162 Incident_Level=ATTACK Incident_Category=WEB_ATTACK Incident_Type=DOS Protection Incident_Timestamp=05 Aug 2020 11:05:44 PM UTC Threat Description=Potential Denial of Service (DoS) Attack from 10.15.3.7 - # of Request Bursts: 2 HTTP Request=/form.php Unique Transaction ID=Xys7e38AAAEAAAFE4HoAAAAB Action=detected Tags=application-multi,language-multi,platform-multi,attack-dos Severity=CRITICAL Attacker=10.15.3.7:56210 Rule Id=912170 Matched Rule File=/var/virsec/vsp_waf/vsp_waf_crc/rules/REQUEST-912-DOS-PROTECTION.conf Primary Incident=true pid=324 description=DOS Protection category=Web Attack eventTime=2020-08-05 16:12:15.340656 tid=NA