Mask sensitive data in ASM

Question

Hi all,&nbsp;from theASMmodule, I canmask some data(such as passwords)inlogsthataresenttoanexternalsyslog?&nbsp;
&nbsp;Thanks
&nbsp;m&nbsp;

mike_maher · Answer

Depending on what version of the software you are running, when you create a parameter there is a check box to mark it as a sensitive parameter and that will hide the value in the logs&nbsp;

hoolio · Answer

Hi Mauro, 
&nbsp;  
&nbsp; Are these parameters in the HTTP request URI or payload that you want to mask?  If so, have you configured them as sensitive parameters in the policy?  I'm not sure whether ASM supports masking sensitive data outside of parameters though. 
&nbsp;  
&nbsp; Aaron

mauro_59211 · Answer

Thanks for your answers, 
&nbsp; Use this release: 
&nbsp; BIG-IP 10.2.1 Build 297.0 Final, 
&nbsp; the parameter are in payload. 
&nbsp;  
&nbsp; I thought the field was reported only sensitive to the responses of the web server to the client, and not to the logs, but I read now in the online web help that is also working on the logs :-) I  try now its, thanks 
&nbsp; mauro

Forum Discussion

Mask sensitive data in ASM

3 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

VIP in https that redirect to another vip in https

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

Unblock Request WAF

F5OS login with admin/root failed via console

TLS handshake failure from BIG-IP to backend – Fatal Alert: Decode Error (Server SSL)

Related Content

irule or ASM Dataguard to mask sensitive data.

Lightboard Lessons: OWASP Top 10 - Sensitive Data Exposure

Deploy High-Availability and Latency-sensitive workloads with F5 Distributed Cloud

Accelerating AI Data Delivery with F5 BIG-IP

Response port masking

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS