For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Lopf's avatar
Lopf
Icon for Nimbostratus rankNimbostratus
Apr 25, 2019

log illegal requests in ASM policy transparent mode

If we have an ASM policy applied on a virtualserver in transparent mode, no request is treated as "Illegal request". Hence we can't see what is blocked.   We want to know what WOULD be blocked if ...
application delivery
ASM Advanced WAF
security
Erik_Novak's avatar
Erik_Novak
Icon for Employee rankEmployee
Apr 30, 2019

OOTB functionality is illustrated in the screenshot above. If you selected Log illegal requests and assigned it to the virtual server it should work. It sounds like maybe you have created a custom logging profile, which is fine. If you have a custom profile you need to assign it to the virtual server in the same way. Can you try sending a request you know is illegal, perhaps by triggering a simple attack signature? If you go to the Learning and Blocking Settings page, do any of the violations, especially attack signature violations, have the "Alarm" check box selected?