Forum Discussion
Hoang_Hung
Cirrus
Thank Oguzy
I was been read article, I saw F5 use irule get violation name.
But I had event log on F5. Is it Http protocol compliance failed , right ?
Thanks
Hoang Hung
oguzy
Sep 18, 2021Cirrostratus
Hi Hoang,
Could you please try to determine the exact violation name using the following steps:
- Log in to the Configuration utility.
- Go to Local Traffic > iRules > iRule list.
- Select Create.
- For Definition, enter the following iRule code:
- when ASM_REQUEST_DONE {
- log local0. "ASM violation name: [ASM::violation names]"
- }
- Select Update.
- Associate the iRule with the appropriate virtual server.
- Send a request that triggers the violation that you want to forward to the OWS.
- Log in to the BIG-IP command line and search for the name of the violation.
- For example:
- grep -i violation /var/log/ltm
- The following log entry shows an example of a violation name as it should be used in the iRule:
- tmm[25875]: Rule /Common/asm_violation <ASM_REQUEST_DONE>: ASM violation name: VIOLATION_ILLEGAL_METHOD
- After you determine the violation name that you want to use in the iRule, you can remove the previous iRule from the virtual server configuration.