Forum Discussion

Cirrostratus

Dec 30, 2016

Using a Second Logging Profile for one ASM Violation Type

Hi, I am presently logging all illegal requests to a single logging profile and I have created a second logging profile which will log remotely. What I want to do is when a particular type of vi...

MVP

Dec 31, 2016

you can attach multiple log profiles to a virtual server. only how to limit it to only a certain ASM category makes things more complex. that is a asm policy setting and you can't have two of them active.

have a look at the advanced options for logging, perhaps a certain response is enough in this case.

the alternative is an irule which sends a log with HSL if this violation is seen, but then you have to craft the data and such.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Using a Second Logging Profile for one ASM Violation Type

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

AWAF - Do not log Geolocation violations from the Event Log

iControl REST / Change a setting in ASM logging profile

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

Separating False Positives from Legitimate Violations

Reminder: MFA now required to log in to DevCentral

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS