Hi all
I'm getting the following, I am aware also what is causing it (a known internal security scan), how can i DISABLE getting notified about these "IP.Unknown.Option" alerts? can someone point me to the right cli commands (or gui settings) Its a fg200b running 5.2.13
Message meets Alert condition
The following intrusion was observed: IP.Unknown.Option.
date=2020-07-25 time=21:38:55 devname=XXXXXX devid=XXXXXX logid=0720018432 type=anomaly subtype=anomaly level=alert vd="root" severity=critical srcip=XXXXXX srccountry="Reserved" dstip=XXXXXX srcintf="XXXXXX" sessionid=0 action=dropped proto=6 service=HTTP count=2 attack="IP.Unknown.Option" srcport=33753 dstport=80 attackid=108 ref="http://www.fortinet.com/ids/VID108" msg="anomaly: IP.Unknown.Option, repeats 2 times" crscore=50 crlevel=critical
