I recently upgraded the Cisco WSA TA and now all WSA logs are being tagged as Malware and Attack traffic.
It seems the logs I am receiving have not got any AV scan information included and all such fields of the logs are marked as 'Unknown'.
Any help on where to start debugging this problem would be appreciated.