High number of Event ID 1424 (DPI-SSL Connection Check) logs observed after firmware upgrade to SonicOS 7.2.0

Following an upgrade to firmware SonicOS 7.2.0, firewalls with DPI-SSL enabled will present a higher number of event logs identified as Event ID 1424 (DPI-SSL Connection Check). These events are triggered when users access HTTPS websites.

The logs are intended for debugging and to determine whether a connection was reset (RST) by the responder or initiator during the handshake phase was through the Connection Failure list ( Show Connections Failures button) on the Common Name tab, under Policy | DPI -SSL | Client SSL.

Firmware Versions prior to SonicOS 7.2.0 do not post these logs.

Event ID 1424 is generated when a connection fails due to a reset (RST) signal being received from either the client or the server after the handshake has commenced.

Administrators who wish to suppress these events from the logs can adjust the logging priority for Event ID 1424 to Debug. This modification ensures that such entries will only appear when the firewall’s logging level is set to Debug.

To change the priority level:

• Navigate to Device | Log | Settings.
• Click on the Filter button.
• Enter 1424 in the ID field and click Find.

• Modify the Priority level from Alert to Debug. Then, click Accept to save this setting.