We need to be able to postprocess the alerted IP in the popop display.
- a click on the alerted IP triggers the predefined command
- command supports a merge-tag [IP];
- “Whois Lookup Captcha”
- “c:\server\admin-script\network\firewall\log_fwalert_user.ps1 [IP]”
What they should have, at the least, is reverse dns lookup on the ip in the alert box. This seems to be standard is most other firewalls. A customizable command would also be nice, so you can start SmartWhois or whatever tool you choose.
Good idea. A wish for reverse lookup to be implemented has already been made here. If you support this wish please vote for it.
Let me know if you have any questions.