Forum Discussion

Mike_Nepomny's avatar
Icon for Nimbostratus rankNimbostratus
Jan 04, 2011





I am getting all violations from the policy except "Attack signature detected". Are there any way to get "Attack signature detected" violation with ASM->Policy->get_violation_flags() or any other method?



Thank you.


3 Replies

  • Hi Mike,




    I haven't used iControl with ASM before, but maybe it looks like you can set an Attack Sig via iControl on an Object parameter. I don't see anything in the iControl ASM wiki for the attack sigs that would be applied to headers or URLs though. Nor do I see any references to attack sig sets (not the updates of the global attack signatures but the collection of signatures that can be assigned to a policy in groups). Anyone have ideas on this?





    I guess the object could have a URI of * and param name of * for a global parameter.






  • Hi Aaron,



    Are there any way to fetch violations from traffic learning ?



    Thank you.


  • Hi Mike,



    I don't believe that you can retrieve the learning suggestions via iControl based on a quick read through of the ASM portion of the iControl API:





    You could confirm this with a case with F5 Support. If the functionality doesn't exist now, you could open a request for enhancement.