Traffic Learning - want to see suggestions for only illegal requests

Unfortunately with ASM there is no global setting that can be set to only learn illegal or only learn legal. Traffic learning works by observing requests over time and determining that it is a "legal request" based on how many times it has seen a request. This can backfire if you see the same malicious request so many times. Now you can manually go into learning and blocking settings and uncheck what you do not want to learn. There is a specific checkbox for illegal redirection attempt near the bottom after headers. Traffic learning will only make changes if the policy is set to automatic and you have learning checked and it has seen enough requests that add up to 100 percent. If you do have all of those settings on and you still hit ignore suggestion this will disable automatic learning for that violation, as well as you not seeing anymore of the suggestions stacking up for that particular violation.

I hope I was clear and answered your question. Let me know if you want further guidance on this issue. If this helped please be sure to Accept this answer and upvote.