Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

Are you an expert?    Interested in presenting at F5 AppWorld 2024?    Submit a proposal by Nov 29th!

ASM fingerprinting with iRule

Rimvydas
Nimbostratus
Nimbostratus

‎20-Feb-2017 00:16 - last edited on ‎21-Nov-2022 22:18 by Fog

Hello,

 

Have some trouble to log fingerprints with iRule. Main goal is with iRule [ASM::fingerprint] and other info log to device unique fingerprint ID. I successfully write simple code :

 

when ASM_REQUEST_BLOCKING {
set fp [ASM::fingerprint]
set ip [IP::client_addr]
log local0. "Fingerprint is: $fp, IP: $ip"
}

And in log always showing 0. In F5 devcentral fingerprint description is: This iRules command returns the FP id if available. Returns 0 if not.

 

So what I have to do to available Fp ID?

 

Labels:
0 Kudos
3 REPLIES 3

nathe
Cirrocumulus
Cirrocumulus

‎20-Feb-2017 00:48

Have you enabled Fingerprinting in the GUI? I believe this is a Web Scraping configuration setting. If so, do you see if this is captured in the Requests logs too?

 

0 Kudos

Niels_van_Sluis
MVP
MVP

‎20-Feb-2017 00:49

Did you enable fingerprinting in your current active policy?

 

Security > Application Security > Anomaly Detection > Web Scraping

 

0 Kudos

Jan_40396
Nimbostratus
Nimbostratus

‎24-May-2017 22:48

As I have tested on version 13 is possible to log fingerprint ID but not for all requests. It looks like ASM need to process more requests or need some session informations. For my environment, fingerprint ID occurs after authentication process.

 

0 Kudos
Copyright © 2023 Khoros, LLC