• Support
  • Forums
  • Blogs

A lot of RECOG - Web Scanner detected against exposed services

OTXFEEDTMSOTXFEEDTMS

New Life Form
I have many event type every day ( ID:2012936 , ET SCAN ZmEu Scanner User-Agent Inbound )
The same source ip address creates many identical alarms and many identical tickets because I setted yes the option Open Tickets for new alarms automatically.
How can I aggregate this identical alarms? 
Maybe it's possible with a new directive?

Share post:

Sign In or Register to comment.