In case the EVENT_WR-Y-attack-601 warning (Possible attack - {NUM} requests with status code 404 within {NUM} seconds)
appears frequently, this can have the following causes:
- Bad links inside or outside the application.
- Forceful browsing, especially if all requests come from the same IP address.
- A misconfiguration of Airlock Gateway.
This event is generated if 10 or more requests result in status code 404 within 1 minute.
Since unnecessary requests affect the overall system performance, the cause(s) should be addressed soon. This event can be customized in frequency and number of log messages it is based on. See Customizing events for more information.