Troubleshooting Tip: Logs generated with IPS signature 'app.control.signature.test'

nweckel · ‎09-19-2024

Description

This article describes the IPS signature 'app.control.signature.test' and the minimum information to provide to the Technical Assistance Center when opening a ticket if such logs are generated by a user device.

Scope

FortiGate and IPS.

Solution

It has been reported that in some cases, a large amount of logs are being generated with the IPS signature 'app.control.signature.test'.

The signature has ID 27840 and is not listed in the FortiGuard Intrusion Prevention encyclopedia as shown below:

Intrusion Prevention

The IPS signature 'app.control.signature.test' is a beta signature, meaning it is used for internal testing.

It should not generate logs in a production environment.

If logs are generated using this IPS signature, open a ticket via the support portal and provide the following information:

The device model.
The firmware version.
The IPS engine version.
A sample of the logs generated with this signature.

On a FortiGate, this information can be found using the following CLI commands:

get system status

diagnose autoupdate versions

The logs can be downloaded as described in the documentation linked below:

Security Events log page

Troubleshooting Tip: Logs generated with IPS signature 'app.control.signature.test'

You are leaving our website