Bot Blocked Logs in ASM

Question

Hello all.&nbsp;
&nbsp;Big-ip LTM + ASM v9.4.8&nbsp;
&nbsp;The ASM module is blocking repeated googlebot requests due to "illegal HTTP status in response". This is fine and dandy. However, is there any way I can get the ASM to not log these blocks as there are tons of them?&nbsp;
&nbsp;Ideally I'd like the ASM to block the request and when both the HTTP status and perhaps User-Agent are certain values then not to log this request.&nbsp;
&nbsp;Hope someone can help.&nbsp;
&nbsp;Kind rgds
&nbsp;N&nbsp;

jwham20 · Answer

@nathan 
&nbsp;  
&nbsp; Got to love the bots!   You can turn of the logging for that policy item by unchecking the alarm box in the policy blocking mask for "Illegal HTTP status in response"  
&nbsp;  
&nbsp; Policy -&gt; Blocking -&gt; Settings 
&nbsp;  
&nbsp; As for not logging only for specific status/user-agent pairs, in 9.X, not that I can think of. 10 introduces some new logging functions, but I can't think of a function out of the box that would do that.  Maybe some fun with the new versions of the logging profiles in the asm.  
&nbsp;  
&nbsp; Hope it helps! 
&nbsp;  
&nbsp; Josh

nathe · Answer

Thanks Josh - food for thought.

Forum Discussion

Bot Blocked Logs in ASM

2 Replies

Recent Discussions

CelluCare Reviews (NEw Updated Customer Warning Alert!) EXPosed Ingredients ^&@pro$49

CITRIX remote desktop solution using F5 APM

BIG-IP rseries license

F5 iRule to route traffic based on AS2 headers doesnt work

Trouble with TCP::option set 28

Related Content

Bot Management Strategy - Defense against malicious bots with F5 Distributed Cloud Bot Defense

Bot Defense for Mobile Apps in XC WAAP Part 1: The Bot Defense Mobile SDK

Bot Log is not showing in BIG-IQ

F5 Distributed Cloud Bot Defense Protecting AWS CloudFront Distributions

Blocking Bots: How Silverline Shape Defense Works