Forum Discussion
hooleylist
Jan 12, 2011Cirrostratus
Hi Grant,
Here are steps you can use to get details on the attack signature:
Navigate in the GUI to Application Security | Reporting | Requests
expand the filter list
enter the Support ID in the Support ID filter
click search
click on the requested URL for the returned record
click on Attack signature detected
in the popup, click the 'View details...' link
The portion of the request which matched the attack signature should be highlighted in red.
You can get the attack signature name from the /var/log/asm log file as well.
Aaron