Products: Squid - Squid Proxy
| Rule ID | Rule Name |
|---|---|
| MATCH-S00209 | CVE-2021-44228 Log4j2 Java Library 0-Day Attempt |
| LEGACY-S00013 | Connection to High Entropy Domain |
| LEGACY-S00042 | HTTP Request to Domain in Non-Standard TLD |
| THRESHOLD-S00016 | HTTP Response Error Spike - Internal |
| MATCH-S00457 | Large File Upload |
| THRESHOLD-S00026 | Possible Credential Abuse |
| MATCH-S00835 | Possible Dynamic URL Domain |
| LEGACY-S00095 | Server-Side Code Injection in URL |
| OUTLIER-S00006 | Spike in Data Transferred Outbound by User |
| OUTLIER-S00010 | Spike in URL Length from IP Address |
| LEGACY-S00111 | Threat Intel - Device IP Matched Threat Intel URL |
| LEGACY-S00109 | Threat Intel - Matched Domain Name |
| Log Mapper ID | Log Mapper Name |
|---|---|
| 427c35ff-c762-48ae-a3a2-50eacf543e39 | Squid |
| 3d23e328-df86-48a7-b820-a0e9626db594 | Squid Proxy - Parser |