Forum Discussion

JWhitesPro_1928's avatar
Icon for Cirrostratus rankCirrostratus
Jun 19, 2018

ASM Child policies can't accept asm events

"This action is disabled for security policies with parent policy." - When you go to accept an event in ASM...


Is there a way to disable this so that I can accept the event...if there is not then I do not see the point of child policies...


2 Replies

  • Emil's avatar
    Icon for Altocumulus rankAltocumulus

    I have the same issue. I used a parent policy so that we can have "layered security" and not to do some settings repeatedly. It seemed a good idea in the beginning but now it seems it makes things more difficult.

    My child policy is with all inheretance either none or optional but still accept is greyed out for some false positive violations. What is the best way to fix this? Manual configuration of parameters and settings for each violation which needs to be allowed seems tedious..

    How can I check for the triggered violations what is the learning score (from the Application requests event log)? 

  • Most likely what has happened is that the inheritance setting for the suggestion you cannot accept from the child is "mandatory." This means that the violation needs to reach a learning score above 50 percent before it will appear in the parent policy. Can you try changing the inheritance rule from "mandatory" to "optional" and then accept the suggestion from the child?