Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Ambiguous logs in /var/log/asm

Sarah
Altocumulus
Altocumulus

‎18-Dec-2022 10:13

Hello Community,
I noticed the below logs appearing in /var/log/asm frequently I am curious to know what could be the reason behind them.
I just want to confirm that I dont have any "Automatic Policy" cofigured. 

=================================================
info perl[x]: 01310053:6: ASMConfig change: [update] { audit: component = Policy Builder }

info perl[x]: 01310053:6: ASMConfig change: [add]: IncidentType was set to Access from Malicious or Disallowed source.

================================================

Labels:
0 Kudos
2 REPLIES 2

Mohamed_Ahmed_Kansoh
MVP
MVP

‎18-Dec-2022 15:42

Hi @Sarah , 

> I think you enable Automatic Learning with one of your policies so you find this Log much , I recommed to review your policies again maybe there is at least one policy has this option enabled by mistake. 

> If you find any of your policies enables Automatic Learninng , this is maybe a reason for this Log. 

> To know About "the Shape of Automatic policy builder " : 
Navigate this Article : 

https://techdocs.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-implementations-11-5-0/36.h...

Hope this helps you 

_______________________
Regards
Mohamed Kansoh
0 Kudos

boneyard
MVP
MVP

‎01-Jan-2023 07:52

Was that indeed the case @Sarah 

If so please flag the question as answered.

0 Kudos
Copyright © 2023 Khoros, LLC