11-27-2020 05:59 AM
Hi all,
Weird one. Our system receives a lot of requests from bogus identities (looks like broken script):
While we are investigating this, is there an easy way to create a filter or something to drop silently requests from those usernames?
It generates ~3M of failure requests a day and floods our live logs.
Thanks,
Myky
Solved! Go to Solution.
11-27-2020 07:13 AM
Yes, it's just supressing the log entry afaik.
Best off finding the source and disabling the script.
11-27-2020 06:32 AM
Hi @mykys
Perhaps try using a collection filter to match the identity being sent
Naviagate to Adminstration > System > Logging > Collection Filter
11-27-2020 06:36 AM
Hey @Rob Ingram
Thanks.
Was not aware of that functionality.
I need to check the admin guide. What is does (high-level overview)?
Thanks,
Myky
11-27-2020 06:43 AM
It would filter the identity/username specified from the logs.
11-27-2020 06:45 AM - edited 11-27-2020 06:46 AM
Will the request still be processed by ISE (CPU hit)?
11-27-2020 07:13 AM
Yes, it's just supressing the log entry afaik.
Best off finding the source and disabling the script.
11-27-2020 07:19 AM
Cool, thanks @Rob Ingram
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: