Best Practice guide for enabling Attack signature In BIG-IP ASM

Before working with F5 I suggest passing their training for ASM/AWAF as they have instructor or on-demand options.

https://www.f5.com/learn/training

Sorry but for more than just supporting/operations that is the best path.

For basic knowledge you can see 

https://my.f5.com/manage/s/article/K73819494 and 

https://www.youtube.com/@f5networkswwfieldenablemen226 

Outside of that you will need the developers to help as to tell you which server technologies are used or a staging environment where you can use the "Auto Detection" option for F5 to find them by seeing the request/responses. 

https://my.f5.com/manage/s/article/K000134827 

If the app is critical you may need to add low signatures but if not better have just medium or high as to be able to support it in the future. Also for not much experienced engineers better have automatic policy builder and configure trusted ip jump host where the developers can log in and connect to the app, so that false positives are cleared in a fast way. 

But as I said before deploying new waf policy you will need to build F5 AWAF knowledge and work with the developers.