Can any body explain that what is difference between Intrusion URL and Intrusion Payload URL? and why Intrusion payload URL is not capturing in the logs
It may vary depending on the direction of the traffic.
The Intrusion URL is the URL that SEP detected as malicious and may re-direct to a file download script execution attempt.
The Intrusion Payload URL is the malicious "file" download attempt.
Hi Ayyanar,
Thanks for the query. One has all of the parameters included in the traffic and the other lets you known which domains you may need to block at the corporate firewall. (That is how I use them, anyway!)
Hope this helps! Please do keep the thread up-to-date with your progress or mark it solved if you have received your answer.
Mick
Just a ping to see if your question has been answered? The thread is still marked "needs solution."
Hi All,
Thanks for your quick response and prompt answer,
I got my answer
Thanks & Regards,
Ayyanar
What is the correct answer? Please mark it as such.