Is there a way to check for the error code 401? I did not see it in the url_response probe. Or, is the best method to use the url_response probe in combination of the NAS probe preprocessing rule to make the 401 error a clear instead of major? There are just times in our environment that hitting the 401 request for authentication is exactly what we are checking for. I would be open to using logmon or some other method. Key checking for the error code 401.