Forum Discussion

Teemu_Kunnari_1's avatar
Teemu_Kunnari_1
Icon for Nimbostratus rankNimbostratus
Dec 21, 2015

Accepting a request from Event Logs

Hi,   If I accept a request that I can find to be blocked in the Event Logs -> Application -> Requests what do i really allow in the active policy that the request hit ?   If there is for exam...
ASM Advanced WAF
security
Tzoori_Tamam_95's avatar
Tzoori_Tamam_95
Historic F5 Account
Dec 21, 2015

Depending on the violation... in the case that you mentioned (Illegal repeated parameter) ASM will add the parameter if it's not already in the policy and check the "Allow Repeated Occurrences" on it.

 

The rationale in the accepting an illegal request it keeping it as specific as possible.

 

  • Emil's avatar
    Emil
    Icon for Altocumulus rankAltocumulus
    Oct 03, 2022

    This is an old thread but still relevant.

    ASM accept will do something only if there is a learning suggestion for the event/violation as well.

    https://support.f5.com/csp/article/K11730196