ASM fingerprinting with iRule

Question

Hello,&nbsp;Have some trouble to log fingerprints with iRule. Main goal is with iRule [ASM::fingerprint] and other info log to device unique fingerprint ID. I successfully write simple code :&nbsp;when ASM_REQUEST_BLOCKING {
set fp [ASM::fingerprint]
set ip [IP::client_addr]
log local0. "Fingerprint is: $fp, IP: $ip"
}And in log always showing 0. In F5 devcentral fingerprint description is: This iRules command returns the FP id if available. Returns 0 if not.&nbsp;So what I have to do to available Fp ID?&nbsp;

nathe · Answer

Have you enabled Fingerprinting in the GUI? I believe this is a Web Scraping configuration setting. If so, do you see if this is captured in the Requests logs too?&nbsp;

niels_van_sluis · Answer

Did you enable fingerprinting in your current active policy?&nbsp;
Security &gt; Application Security &gt; Anomaly Detection &gt; Web Scraping&nbsp;

jan_40396 · Answer

As I have tested on version 13 is possible to log fingerprint ID but not for all requests. It looks like ASM need to process more requests or need some session informations. For my environment, fingerprint ID occurs after authentication process.

Forum Discussion

ASM fingerprinting with iRule

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

iRULE regsub error

owa iapp assign irule

Irule Trigger two times

iRule assistance for subfolder redirect

What are the differences between fingerprint and device ID?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS