Skip to content

6.20.md

Latest commit

 

History

History
24 lines (16 loc) · 737 Bytes

6.20.md

File metadata and controls

24 lines (16 loc) · 737 Bytes

6.20 - Connections blocked by Cloud Armor

Detect any connection blocked by Cloud Armor's security policy, indicating potential exploit attempt.

Category: Network Activity
Use Cases: Audit, Detect
Data Sources: HTTP(S) LB Logs

Queries or Rules

BigQuery Chronicle Log Analytics
SQL Contribute rule Contribute query

Event Generation

No event generation steps provided. Contribute emulation test to this use case.

Sample Event

No log samples provided. Contribute log samples to this use case.