Hi,
so question by question - a Device ID won't be generated when the Bot Defense profile is in Transparent mode unless you set "Verification and Device-ID Challenges in Transparent Mode" to Enabled. Check if Device IDs are generated.
In case you have a Device ID generated you could use this Device ID in a TPS-based DOS profile.
I cannot tell you how to configure the parameters in the Security Policy. I practically know nothing about your application. Therefore I cannot judge what parameters there are and how to handle them.
You can try to find the information in Security ›› Event Logs : Bot Defense : Bot Traffic. If the AWAF identified the attacker as a bot, you will get some graphs out of it.
If you are logging All Requests in the Security Policy, maybe you can also identify some characteristics of the attack from these requests. You will also find the Device ID here.
KR
Daniel