Managed Sentinel – Alert 182

Alert IDMS-A182
Alert NameExcessive SonicWall Admin Password Failures from CLI - SonicWall
DescriptionThis alert triggers when 50 or more login failures are detected to the SonicWall admin console, which can be indicative of someone attempting to gain unauthorized access to the device.
Severity LevelLow
Threat Indicator
MITRE ATT&CK TacticsInitial Access
Credential Access
Log sourcesCommonSecurityLog
False Positives
Recommendations