Bot Blocked Logs in ASM

Question

Hello all.&nbsp;
&nbsp;Big-ip LTM + ASM v9.4.8&nbsp;
&nbsp;The ASM module is blocking repeated googlebot requests due to "illegal HTTP status in response". This is fine and dandy. However, is there any way I can get the ASM to not log these blocks as there are tons of them?&nbsp;
&nbsp;Ideally I'd like the ASM to block the request and when both the HTTP status and perhaps User-Agent are certain values then not to log this request.&nbsp;
&nbsp;Hope someone can help.&nbsp;
&nbsp;Kind rgds
&nbsp;N&nbsp;

jwham20 · Answer

@nathan 
&nbsp;  
&nbsp; Got to love the bots!   You can turn of the logging for that policy item by unchecking the alarm box in the policy blocking mask for "Illegal HTTP status in response"  
&nbsp;  
&nbsp; Policy -&gt; Blocking -&gt; Settings 
&nbsp;  
&nbsp; As for not logging only for specific status/user-agent pairs, in 9.X, not that I can think of. 10 introduces some new logging functions, but I can't think of a function out of the box that would do that.  Maybe some fun with the new versions of the logging profiles in the asm.  
&nbsp;  
&nbsp; Hope it helps! 
&nbsp;  
&nbsp; Josh

nathe · Answer

Thanks Josh - food for thought.

Forum Discussion

Bot Blocked Logs in ASM

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

Bot Management Strategy - Defense against malicious bots with F5 Distributed Cloud Bot Defense

Ridiculously Easy Bot Protection: How to Use BIG-IP APM to Streamline Bot Defense Implementation

Bot Defense for Mobile Apps in XC WAAP Part 1: The Bot Defense Mobile SDK

F5 Distributed Cloud Bot Defense Protecting AWS CloudFront Distributions

Blocking Bots: How Silverline Shape Defense Works

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS