Support Center > Search Results > SecureKnowledge Details
Logs for accepted traffic displays action 'Drop' Technical Level
Symptoms
  • SmartLog shows wrong rule and action data - although the traffic is accepted, the matched rules displayed with action 'Drop'
  • The wrong rule number can be displayed or is missing
Cause

The log_indexer process gets a list of markers to fw.log from Solr and uses the cplog API to read them and build logs that can be rendered in SmartLog. If that list has 2 or more logs with different match_table format, the log_indexer will use the format of the first to read the match_table of the second and thus SmartLog will show incorrect values.


Solution
Note: To view this solution you need to Sign In .