Managed Sentinel – Alert 182
| Alert ID | MS-A182 |
| Alert Name | Excessive SonicWall Admin Password Failures from CLI - SonicWall |
| Description | This alert triggers when 50 or more login failures are detected to the SonicWall admin console, which can be indicative of someone attempting to gain unauthorized access to the device. |
| Severity Level | Low |
| Threat Indicator | |
| MITRE ATT&CK Tactics | Initial Access Credential Access |
| Log sources | CommonSecurityLog |
| False Positives | |
| Recommendations |