We just received an alert from an upstream SG UTM Firewall that the downstream XG firewall was blocked by SG due to ATP. This is DNS traffic towards namecheap DNS servers. Probably for for718-whileteam__heldlead__com (__ is a dot .) 2021:04:09-13…

I can't remove the logs even after flush/purge the reports. Why? it's possible to do it? By the way ATP logs are enable in the settings but don't appear in the logs even with I filter, do I have to enable the log in the LAN->WAN firewall rule? or…