Meraki

Community

Threat Protection Allow list files

Solved
Kyojuro
Here to help
‎Mar 14 2022 11:41 AM
‎Mar 14 2022 11:41 AM

Threat Protection Allow list files

Hello, 

Can anyone help me understand how to use this function in Meraki AMP?

Meraki states " For files, javascripts, and other objects that are not URLs, the MX appliance assigns a unique ID. You can see the blocked items in the Event log page. By entering the ID of the object you want to allow in the Allow list files section you can instruct the appliance to allow the detected signature, even if the URL is different."

I'm looking in the Event Log Page of the dashboard for any kind of Object ID and I'm not seeing anything like that. Is there somewhere else I should be looking? Seems like there aren't any tutorials for this on the web either. 

 

Thank you. 

 

0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 14 2022 1:04 PM
‎Mar 14 2022 1:04 PM

Actually, it is in the main event log.  Try filtering on blocked files to see only those events.

 

PhilipDAth_0-1647288235903.png

 

View solution in original post

3 Replies 3
ww
Kind of a big deal
Kind of a big deal
‎Mar 14 2022 12:50 PM
‎Mar 14 2022 12:50 PM

if you dont have any hits you cant see them and not allow them

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 14 2022 1:02 PM
‎Mar 14 2022 1:02 PM

If it is not there, try looking under:

Security & SD-WAN/Security Centre/MX Events

 

PhilipDAth_0-1647288115575.png

 

PhilipDAth_1-1647288135991.png

 

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 14 2022 1:04 PM
‎Mar 14 2022 1:04 PM

Actually, it is in the main event log.  Try filtering on blocked files to see only those events.

 

PhilipDAth_0-1647288235903.png

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.