After deployment of the new signature set version 18.104.22.168, I can see several attacks named "Unknown". Such attack logs have no description and no matching criteria:
Seems like some signature issue. Can anyone confirm?
Yes. Cache flushed. No change. No Attack Name, only some internal ID 4203020.
Update: After deleting the policy cache, the old events are still marked as Unknown, but all new events are identified OK.