ASM logging potential attacks signatures

First thanks. Yes, the staging was disabled. The alarm and the block was flagged. If I don't mark the learn checkbox, nothing occurs then. The problem is the way that the customer needs to use the ASM. He need to block the specific points and just alarm another possible vulnerable points, coming from matched wildcard to prevent false positives and stop the application. In my vision, the concept of ASM was made to protect everything and not sometimes, but the customer needs to protect sometimes and always trigger alarm. For while, my solution was to make two policies: the first blocking attacks (such parameters, cookies, etc) and the second policy to alarm at all and this will be selected by an Local Traffic Policy to select the appropriate ASM policy. But this solve 90% once the blocking policy not trigger alarms.