Windows Login Brute Force Analyzer fails for events with no source port

Question

Windows Login Brute Force Analyzer fails for events with no source port

Closed this issue 3 months ago · 0 comments

Windows Login Brute Force Analyzer expects source port to be populated, however in some cases (for example SMB) the source IP and port may be recorded as "-". This currently causes the analyzer to fail.