For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Stefan_Klotz_85's avatar
Stefan_Klotz_85
Icon for Cirrus rankCirrus
Mar 10, 2016

ASM traffic learning limitations

I would be very interested in more transparency in regards of the traffic learning process and especially the limitations of the internal table/database, where learning suggestions are stored. We fou...
ASM Advanced WAF
security
TMOS
Chris_Grant's avatar
Chris_Grant
Icon for Employee rankEmployee
Mar 14, 2016

There aren't any manuals or formal documents on this, no. And yes, it's a First In First Out model. In extreme cases this can happen very quickly (worst I've seen was 45 minutes worth of retained logs). The best approach is to review them regularly to prevent them from filling up your logs.

 

And you are correct, there is no tmsh command to review the size of the tables.