Forum Discussion
Report: 1) All servers which are behind ASM in transparent/blocking 2) All active attack signatures in the policy
Hello!
I have a requirement from management for 2 reports:
1) a report which lists all the current servers with ASM active
I tried to get this info from ArcSight SIEM but the hostname field is empty and all I get is IP address.
2) second report which lists all active attack signatures for a policy
I tried exporting the policy but there are only signature numbers.
Any suggestion how I could accomplish the mentioned tasks?
Hi Erkkis
1) tmsh list ltm virtual | grep virtual policies asm 2) Getting all attack signatures? Security > Application Security > Policy Building > Learning and Blocking settings. Click on the "attack signature" dropdown, Then click on the "Signature set name" attached to the policy.
HTH
- ebenNimbostratus
Hi Erkkis
1) tmsh list ltm virtual | grep virtual policies asm 2) Getting all attack signatures? Security > Application Security > Policy Building > Learning and Blocking settings. Click on the "attack signature" dropdown, Then click on the "Signature set name" attached to the policy.
HTH
Thanks for the number 1. I will try that. For 2 I can see the signatures but there is no way that I can export that list from that page and management wants the list of all assigned attack signatures by e-mail. Any suggestions how I could list + export all the signatures that are active in the policy in the assigned signature sets?
- eben_259100Cirrostratus
Hi Erkkis
1) tmsh list ltm virtual | grep virtual policies asm 2) Getting all attack signatures? Security > Application Security > Policy Building > Learning and Blocking settings. Click on the "attack signature" dropdown, Then click on the "Signature set name" attached to the policy.
HTH
Thanks for the number 1. I will try that. For 2 I can see the signatures but there is no way that I can export that list from that page and management wants the list of all assigned attack signatures by e-mail. Any suggestions how I could list + export all the signatures that are active in the policy in the assigned signature sets?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com