1. Logpoint Service Desk
  2. Community
  3. SIEM - Searching & Analytics

Scanned ports

Avatar
Follow
0

Hi !

I would like to know if it is possible to know hwo has scanned the sources ports and destinations ports ?

Thank you in advance :)

Best regards,

Siawash

Share This Post:

3 comments

Date Votes
0
Avatar
Nils Krumrey

You will need logs from somewhere that show those scans - either from the machines where the scans originate, or something that captures this on the network, e.g. a firewall this passes through, a router that logs this passing through its Access Control Lists etc.

Once you HAVE those logs, alerting and analysing on this activity is quite simple in Logpoint.

0
Avatar
Micropole

Hi @Nils Krumey ,

Thank you so much for your help.

Best regards,

Siawash

0
Avatar
sbelmadani

Hello ,

How can we query the SIEM for this information ?

thank you

Please sign in to leave a comment.