F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

ErkkiS_295148's avatar
ErkkiS_295148
Icon for Cirrus rankCirrus
Feb 07, 2018
Solved

Report: 1) All servers which are behind ASM in transparent/blocking 2) All active attack signatures in the policy

Hello!   I have a requirement from management for 2 reports:   1) a report which lists all the current servers with ASM active   I tried to get this info from ArcSight SIEM but the hostname ...
ASM Advanced WAF
asm reporting
report
security
  • eben_259100's avatar
    eben_259100
    Feb 07, 2018

    Hi Erkkis

     

    1) tmsh list ltm virtual | grep virtual policies asm 2) Getting all attack signatures? Security > Application Security > Policy Building > Learning and Blocking settings. Click on the "attack signature" dropdown, Then click on the "Signature set name" attached to the policy.

     

    HTH

     

eben's avatar
eben
Icon for Nimbostratus rankNimbostratus
Feb 07, 2018

Hi Erkkis

 

1) tmsh list ltm virtual | grep virtual policies asm 2) Getting all attack signatures? Security > Application Security > Policy Building > Learning and Blocking settings. Click on the "attack signature" dropdown, Then click on the "Signature set name" attached to the policy.

 

HTH

 

  • ErkkiS_295148's avatar
    ErkkiS_295148
    Icon for Cirrus rankCirrus
    Feb 07, 2018

    Thanks for the number 1. I will try that. For 2 I can see the signatures but there is no way that I can export that list from that page and management wants the list of all assigned attack signatures by e-mail. Any suggestions how I could list + export all the signatures that are active in the policy in the assigned signature sets?