Is there a way to query/filter for just RFC Non-Compliant Traffic?

I was unable to come up with a come up with anything. Any ideas?

Do you have firewall logs ingested in Elasticsearch? Do the logs have data regarding RFC Non-Compliance?

1 Like

I am using Amazon's Elastiservice and only have access to Kibana. The logs state "Non-RFC Compliance", but I wasnt to view just those.

Well, if you search for that data in Discover, there it will be :slight_smile:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.