Hello,
Guys, I have the following situation:
In the user's web filtering logs, I have several records of accesses to URLs that the user did not actually access. For example, in the logs there is an access by user X to a certain URL, and in fact what happened was that when opening another website, there was an advertisement on this website that generated a request in the firewall when loading the web page, and that counted as if it were a user access, because there was a request.
This often happens with betting sites, the user accesses any site, on this site there is an advertisement/advertisement for a betting site and this request generated when loading the ad, generated a kind of "false positive", in that the user did not actually access that betting site.
I wonder if anyone has experienced this and if there is a better way to filter this out? focus more on real traffic from the user itself and not on other requests that are not generated by him.
I understand that it would be enough to use the consumption verification, but there are no access details and times.
This thread was automatically locked due to age.
