Accepting a request from Event Logs

Question

Hi,&nbsp;
If I accept a request that I can find to be blocked in the Event Logs -&gt; Application -&gt; Requests what do i really allow in the active policy that the request hit ? &nbsp;
If there is for example a violation that is considered as a illegal repeated parameter name. Does it then allow the parameter name or.. ?&nbsp;
BR&nbsp;
Teemu&nbsp;

tzoori_tamam_95 · Answer

Depending on the violation... in the case that you mentioned (Illegal repeated parameter) ASM will add the parameter if it's not already in the policy and check the "Allow Repeated Occurrences" on it.&nbsp;
The rationale in the accepting an illegal request it keeping it as specific as possible.&nbsp;

emil · Answer

This is an old thread but still relevant.ASM accept will do something only if there is a learning suggestion for the event/violation as well.https://support.f5.com/csp/article/K11730196

Forum Discussion

Accepting a request from Event Logs

2 Replies

Recent Discussions

Advise on setting up IRULE

Chrome V 124+ on MacOS - Virtual Server Access Issue

Port Group on F5OS network setting

F5Access | MacOS Sonoma

Rewrite uri translation not working

Related Content

How to make DNS resolutions in an HTTP request event work FOR you, not against you

Geolocation accept per url path

Security Automation with F5 BIG-IP and Event Driven Ansible

Distributed caching of authentication requests with NGINX Ingress Controller

Leveraging Ansible Rulebooks for Streamlined Event Triggers: Advantages and Benefits