diff --git a/src/warden-client/doc/README b/src/warden-client/doc/README
index 6477e13e90e12656dc288e170c5033366d64dde1..20002393a38c824da37dc8383597c3746814ce62 100644
--- a/src/warden-client/doc/README
+++ b/src/warden-client/doc/README
@@ -345,6 +345,8 @@ I. Functions, Arguments and Calls
     # portscan    - scannig of TCP/UDP ports
     # bruteforce  - bruteforce/dictionary attack against authentication
     #               service(s)
+    # probe       - other connection attempts (for example ICMP) or
+    #               unrecognized/undecided portscan or bruteforce
     # spam        - unsolicited e-mail that does not have phishing-like
     #               character
     # phishing    - e-mail attempting to gather sensitive data
diff --git a/src/warden-client/doc/README.cesnet b/src/warden-client/doc/README.cesnet
index c32f38d02fb255c84560d9c7bbece6d27e82114b..d49a045601d86697eb171b28320e63d65f6883fd 100644
--- a/src/warden-client/doc/README.cesnet
+++ b/src/warden-client/doc/README.cesnet
@@ -128,6 +128,8 @@ D. Types of events
 
    * portscan - TCP/UDP port scanning/sweeping
    * bruteforce - dictionary/bruteforce attack to services authentication
+   * probe - other connection attempts (for example ICMP) or
+             unrecognized/undecided portscan or bruteforce
    * spam - unsolicited commercial email (except phishing)
    * phishing - email, trying to scam user to revealing personal information
      (possibly by some other channel)
diff --git a/src/warden-server/etc/warden-server.conf b/src/warden-server/etc/warden-server.conf
index 78d29a08b13b9ea0acfdd9e1c4821b9225ba0b80..acb9eb9695bb98195ea46548f5393f591e520f38 100644
--- a/src/warden-server/etc/warden-server.conf
+++ b/src/warden-server/etc/warden-server.conf
@@ -42,5 +42,5 @@ $MAX_EVENTS_LIMIT = "1000000";
 # VALID_STRINGS - validation hash containing allowed event attributes
 #-------------------------------------------------------------------------------
 %VALID_STRINGS = (
-"type" => ["portscan", "bruteforce", "spam", "phishing", "botnet_c_c", "dos", "malware", "copyright", "webattack", "test", "other", "_any_"],
+"type" => ["portscan", "bruteforce", "probe", "spam", "phishing", "botnet_c_c", "dos", "malware", "copyright", "webattack", "test", "other", "_any_"],
 );
diff --git a/src/warden-server/sh/install.sh b/src/warden-server/sh/install.sh
index 0485dab70f88c233e500cf78ac5f2eef41aaa284..52d2170103f21c164709a98e310bc80b87c92f36 100755
--- a/src/warden-server/sh/install.sh
+++ b/src/warden-server/sh/install.sh
@@ -232,7 +232,7 @@ make_server_conf()
 # VALID_STRINGS - validation hash containing allowed event attributes
 #-------------------------------------------------------------------------------
 %VALID_STRINGS = ( 
-\"type\" => [\"portscan\", \"bruteforce\", \"spam\", \"phishing\", \"botnet_c_c\", \"dos\", \"malware\", \"copyright\", \"webattack\", \"test\", \"other\", \"_any_\"],
+\"type\" => [\"portscan\", \"bruteforce\", \"probe\", \"spam\", \"phishing\", \"botnet_c_c\", \"dos\", \"malware\", \"copyright\", \"webattack\", \"test\", \"other\", \"_any_\"],
 );
 " > $server_conf 2> $err; ret_val=`echo $?`