What are you changing the profile from and to during the attack? I'd like to understand a little more about the use case.
You do have a few options. One thing to keep in mind is that the bot profile operates at L7. At F5, DDoS is considered volumetric Layer 4 and is handled by the DoS profile that comes with AFM. There are no iRule commands associated with L4 DoS since many of the vectors are mitigated in our FPGA hardware on supported systems. iRules can not be invoked from DDoS events at that level.