Results 1 to 4 of 4
  1. #1
    Untanglit
    Join Date
    Jan 2017
    Posts
    15

    Default Webfilter Alert message

    Yesterday, while my wife was browsing the net, I suddenly received 8 emails from my Untangle box. The text was:

    ***************************************************************************************
    Untangle Server Alert! (name of the box)
    The following event occurred on the Untangle Server @ 2017-01-11 19:59:26.648

    Malware Distribution Point website visit detected:
    Web Filter logged http://www.mirrorlessrumors.com/wp-c...1/RED-Sony.jpg (Malware Distribution Point)

    Causal Event: WebFilterEvent
    {
    "nodeName": "web_filter",
    "timeStamp": "2017-01-11 19:59:26.648",
    "reason": "PASS_CLIENT",
    "flagged": false,
    "blocked": false,
    "requestLine": "GET http://www.mirrorlessrumors.com/wp-content/uploads/2017/01/RED-Sony.jpg",
    **************************************************************************************

    It took me a while to find out which computer was causing that...I had to login, check Webfilter logs and see which user (not IP) caused this.

    I wonder if it is possible to add username and IP address to the email. So next time, when this happens and I'm not at home, I know right from the start where to look.
    Additionally, I wonder why the traffic was passed instead of blocked.

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,714

    Default

    As the alert lists, "reason": "PASS_CLIENT", The PC IP address is in the Pass Clients list so the PC was not blocked.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untanglit
    Join Date
    Jan 2017
    Posts
    15

    Default

    Quote Originally Posted by jcoffin View Post
    As the alert lists, "reason": "PASS_CLIENT", The PC IP address is in the Pass Clients list so the PC was not blocked.
    This happens also in case the request has been blocked. In fact the computer which created the issue is never transmitted in the email. Ich always have to login to the Untangle system and check the logs.

    How can I change the notification?

  4. #4
    Master Untangler deleted_account+152373@untangle.com's Avatar
    Join Date
    Sep 2016
    Location
    Malta
    Posts
    431

    Default

    Yes it would be much better if we get which client has been blocked in the email

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2