F5 ASM - Stagged blocking settings is not send to remote log

Question

Hi All,refer to support article https://support.f5.com/csp/article/K15215363 that said stagged attack signature will not send to remote log, but i have some another stagged policy settings is file type, which while i was export from the remote log the url value are blank, but the actual event in f5 are there. my assumption the stagged event log not send to remote log. is that also will not send to remote log?&nbsp;*that attack signature is enforced&nbsp;

nikoolayy1 · Answer

Maybe check the link below as the logging profile may include the option to send even staged attack signature matches:
&nbsp;
https://community.f5.com/t5/technical-forum/logging-and-identify-the-violations-from-staged-signatures/td-p/134252
&nbsp;
&nbsp;
&nbsp;
The option in the F5 Advanced WAF logging profile is "Illegal requests, and requests that include staged attack signatures".
&nbsp;
&nbsp;
https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-13-1-0/14.html

Forum Discussion

F5 ASM - Stagged blocking settings is not send to remote log

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

WAF custom block page settings

Setting up persistence in F5 XC

Setting up BIG-IP with AWS CloudHSM

Block IP after a number of ASM Blocks

Block traffic

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS