Hi All
Is there a way to extract the IP from the remote address in this Log-example to block it in a rule?
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< Rule: 1002 fired (level 2) -> "Unknown problem somewhere in the system." Portion of the log(s):
{"reqId":"Dh6pNaRlXRvL7dD7d03i","level":2,"time":"2019-06-25T02:02:38+02:00","remoteAddr":"194.99.106.230","user":"--","app":"core","method":"GET","url":"\/index.php?seite=0","message":"Trusted domain error. \"194.99.106.230\" tried to access host."} <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
regards almi.support
|