For the following logs in SIEM:
P2P BitTorrent MetaInfo Retrieving Policy Violation: PolicyViolation|restricted-application|Inbound|Suspicious|signature|p2p|udp|
P2P BitTorrent File Transfer Policy Violation PolicyViolation|restricted-application|Inbound|Suspicious|signature|p2p|udp|
P2P BitTorrent Handshaking Policy Violation : PolicyViolation|restricted-application|Inbound|Suspicious|signature|p2p
P2P Torrent uTP BEP-29 Traffic Detected : PolicyViolation|restricted-application|Inbound|Maybe successful|signature|p2p|udp|
I do see a lot of traffic for the above rule messages. The source IPs are using random higher-range port numbers. Their locations are random and the target IPs are our internal IPs. I am confused as to how to approach such logs. Is it safe to allow such traffic?
Please let me know more about BitTorrent traffic in this scenario.
Thanks in advance for the help.