configuring ASM

We are using version 9.2 something of the ASM. We want to move a commercial web application behind it as we discovered it has some XSS in the login and some other public pages. This app has 100's of parameters and we are not worried about the ones that are there after the user logs in. We just want to protect the public ones. We put it in learning mode using the rapid application deployment template but it is learning all the parameters and the users get a lot of false positive blocks due to attack signatures picking up the text they enter in form fields as an attack.

 

What would be the best way to configure this so that just the few pages and few parameters are protected and everything else is ignored. We are new to it so a bit of detail would help too. Thanks in advance for your help.