Ambiguous logs in /var/log/asm

Question

Hello Community,I noticed the below logs appearing in /var/log/asm frequently I am curious to know what could be the reason behind them.I just want to confirm that I dont have any "Automatic Policy" cofigured.&nbsp;=================================================info perl[x]: 01310053:6: ASMConfig change: [update] { audit: component = Policy Builder }info perl[x]: 01310053:6: ASMConfig change: [add]: IncidentType was set to Access from Malicious or Disallowed source.================================================

mohamed_ahmed_kansoh · Answer

Hi&nbsp;Sarah&nbsp;,&nbsp;&gt; I think you enable Automatic Learning with one of your policies so you find this Log much , I recommed to review your policies again maybe there is at least one policy has this option enabled by mistake.&nbsp;&gt; If you find any of your policies enables Automatic Learninng , this is maybe a reason for this Log.&nbsp;&gt; To know About "the Shape of Automatic policy builder " :&nbsp;Navigate this Article :&nbsp;https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-11-5-0/36.htmlHope this helps you&nbsp;

boneyard · Answer

Was that indeed the case Sarah&nbsp;
If so please flag the question as answered.

Forum Discussion

Ambiguous logs in /var/log/asm

Recent Discussions

MAC address of deleted VS IP address still responsive

Different common name ssl acces 403 forbiddent

dynamic signature detection

DNS HM Probe issue

F5 looses the token for the first call

Related Content

ASM Logging to CLI /var/log/asm

Logging DNS Requests

ASM logs

Reminder: MFA now required to log in to DevCentral

How I did it - "Remote Logging with the F5 XC Global Log Receiver and Elastic"

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS