After new signature set version 220.127.116.11 deployment, I can see several attacks named "Unknown". Such attack logs have no description and no matching criteria:
Seems to be some signature issue. Can anyone confirm?
Yes. Cache flushed. No change. No Attack Name, only some internal ID 4203020.
Update: After deleting the policy cache, the old events are still marked as Unknown, but all new events are identified OK.