F5 ASM - Logging Traffic Learning

Question

Hey team,&nbsp;
BIG-IP 12.1.3.5 Build 0.0.10 Point Release 5&nbsp;
Curious if ASM security policy Traffic Learning suggestions has logging, as in what user may have accepted what suggestion, deleted another, etc. &nbsp;
Also, if it has logging around security policy changes. I believe this does occur, but interested in if these (and the above logs, if they exist) can be syslog'd out. If that is the case, may need a quick run-down of where to turn on/expect this type of audit logging configuration.&nbsp;
Much appreciated!&nbsp;

samstep · Answer

every single ASM policy change is logged including traffic learning suggestion acceptance and yes it is sysloged into /var/log/asm - simply search it for a keyword "audit". &nbsp;

Forum Discussion

F5 ASM - Logging Traffic Learning

Recent Discussions

APM with EntraID as idP / request signed

Should config via cli rather than gui?

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

fellow traffic

Objectif of Learning mode in ASM

Logging TLS traffic less than TLSv1.2

Reminder: MFA now required to log in to DevCentral

Global Log Receiver

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS