IDS/IPS entries disappear on browser window refresh

ebuckland81 · July 26, 2025, 9:48pm

I have seen some weirdness going on for IDS/IPS entries. When I refresh the window a couple of hours worth of entries disappear. When new entries are added and I refresh the window again a few entries, from a couple of hours back that previously was gone, are now added to the list again.

I’m running the On-premises Control HW, and it is accessed through Mobile Chrome Web browser on Android.

Expand to see some examples of oddities below.

Two new entries at 23:10.

After refresh, new entries are gone.

One new entry at 23:14.

After refresh, new entry is gone.

New entry at 23:17, plus some older entries reappears.

After refresh, new entry is gone but some older reappears.

Edit : Another note is that it is always exactly 239 entries shown after refresh. This is happens when opening up another browser and logging in. Exactly 239 entries and lagging behind.

ebuckland81 · August 26, 2025, 2:20pm

Bumping this one to see if it is local to me or a systematic issue.

Alta Labs, can you shed some light on this? Have you acknowledged it? Is it reproducible? @Alta-MikeD , @Alta-Matt_v2?

As I changed the notification level to Medium and later to High, the logging is now almost three weeks behind, so it is very hard to analyze the logs to further mitigate or ignore IDD/IPS happenings. I turned on the mails so I can sift through them one by one, but I prefer seeing everything in a chronological order in the log.

Alta-Matt_v2 · September 2, 2025, 3:48pm

I am able to reproduce what you’re seeing. I kicked it up to the developers and it looks like the refresh results in some of the events not being sent to the front-end for display. That is to say, the alerts are there, just not being sent to the front-end.

The developers are aware and are investigating.