Forum Discussion

Frank_Nsubuga_3's avatar
Icon for Nimbostratus rankNimbostratus
Jan 17, 2019

Violation appearing in the event logs but not ASM learning suggestions



I've gone through DevCentral so I know similar questions have been asked, but none have the right answer.


When I type this URL: [HTTPS] /en/ty.exe, I get a violation/ support ID for the following:


Detected Violations


Illegal file type [1]


Illegal URL length [1]


Illegal request length [1]


The traffic is quite rightly blocked, but nothing appears within the learning suggestions.


All of the violations are set to learn in the "learning & block settings".


The policy is in manual learning with a


Does everything that appears in the event logs not create a learning suggestion even if you've got it set to do so?


Is this decided by the ASM policy learning speeds? (Fast, enhanced and comprehensive)



1 Reply

  • In learning page, click on filter / advanced and move the cursor from 5 to 0!


    Default learning suggestion under 5% are not displayed!