Long Term Threatlist Activity

low Log Correlation Engine Plugin ID 800126

Synopsis

The LCE has detected continuous threatlist activity from a host.

Description

The Log Correlation Engine has detected continuous threatlist activity from a host. Hosts which communicate with IP addresses that have been threatlisted for long periods of time should be investigated to see if they are part of a botnet.

Plugin Details

Severity: Low

ID: 800126

Family: Generic

Detections

Analytics

Long Term Threatlist Activity

low Log Correlation Engine Plugin ID 800126

Synopsis

Description

Plugin Details