This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Syslog alert - virus unscannable

We received the belwo critical alert from our syslog server for a couple days with various source computers and a couple destination IP's (cloudflare is one). I log into the UTM/device and I can't  find a 'Virus' or 'Anti-Virus' log.  

device="SFW" date=2022-07-04 time=00:09:50 timezone="EDT" device_name="XGname" device_id=xxxxxxxxxxx log_id=xxxxxx log_type="Anti-Virus" log_component="HTTP" log_subtype="Virus" status="" priority=Critical fw_rule_id=5 user_name="xxxxxx" iap=7 av_policy_name="" virus="Unscannable" url="">crl.sectigo.com/SectigoRSACodeSigningCA.crl" domainname="crl.sectigo.com" src_ip=,xxxxxxx src_country_code=USA dst_ip=172.64.155.188 (unresolved) dst_country_code=USA protocol="TCP" src_port=xxxxx dst_port=80 sent_bytes=232 recv_bytes=96085 user_agent="Microsoft-CryptoAPI/10.0" status_code=500

Thanks in advance



This thread was automatically locked due to age.

Top Replies

  • Hi  It seems under Web > General settings > Action on malware scan failure > Set to block with your XG and malware scanning seems to fail for the above URL which you have mentioned at Proxy…