Threat Protection Allow list files

Solved
Kyojuro
Here to help

Threat Protection Allow list files

Hello, 

Can anyone help me understand how to use this function in Meraki AMP?

Meraki states " For files, javascripts, and other objects that are not URLs, the MX appliance assigns a unique ID. You can see the blocked items in the Event log page. By entering the ID of the object you want to allow in the Allow list files section you can instruct the appliance to allow the detected signature, even if the URL is different."

I'm looking in the Event Log Page of the dashboard for any kind of Object ID and I'm not seeing anything like that. Is there somewhere else I should be looking? Seems like there aren't any tutorials for this on the web either. 

 

Thank you. 

 

1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal

Actually, it is in the main event log.  Try filtering on blocked files to see only those events.

 

PhilipDAth_0-1647288235903.png

 

View solution in original post

3 Replies 3
ww
Kind of a big deal
Kind of a big deal

if you dont have any hits you cant see them and not allow them

PhilipDAth
Kind of a big deal
Kind of a big deal

If it is not there, try looking under:

Security & SD-WAN/Security Centre/MX Events

 

PhilipDAth_0-1647288115575.png

 

PhilipDAth_1-1647288135991.png

 

PhilipDAth
Kind of a big deal
Kind of a big deal

Actually, it is in the main event log.  Try filtering on blocked files to see only those events.

 

PhilipDAth_0-1647288235903.png

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels