The VMware SD-WAN Edge appliance captured a potentially malicious traffic flow. Investigate the IOC information available. This analytics rule analyses Search API streams. Search API queries report only IDS/IPS alerts. If you also need Network Flood Protection, enable Syslog collection using AMA.
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | VMware SASE |
| ID | 44f78dbf-9f29-4ec0-aaca-ab5bf0b559af |
| Severity | High |
| Kind | Scheduled |
| Tactics | LateralMovement |
| Techniques | T1210 |
| Required Connectors | VMwareSDWAN |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|
| VMware_SDWAN_FirewallLogs_CL | ? | ✓ | ? |