Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

ASM Policy - How to collect information from tmsh

Mauricio_Ramos_
Nimbostratus
Nimbostratus

I'm new to F5 and I still have a lot of doubts. I appreciate anyone who can help me.

 

How can I collect information from the ASM policys? After a change is approved, we need to apply the policy. Where do I find this information? (date of application and changes)

 

This information I see in "tail -f / var / log / asm". But are there commands for that? (TMSH, with grep and etc.)

 

Thanks again.

1 ACCEPTED SOLUTION

For your doubts I suggest first to check the '' learn F5'' that has free training (start with the "Getting Started" short courses) as when you know the technology then you will see if it is good for your needs, also for the ASM and the other modules that F5 has short operations guides:

 

https://support.f5.com/csp/article/K85426947

 

 

 

From CLI you can't do a lot for the ASM module and this is why you use the GUI as this is the new way to go for many security devices like F5 (palo alto etc.). You can use the "ASM Audit Log in Security -> Application Security -> Policy -> Audit -> Logs" to see the changes made for each specific policy and revert to an older version (at one point it was called History menu).

View solution in original post

4 REPLIES 4

For your doubts I suggest first to check the '' learn F5'' that has free training (start with the "Getting Started" short courses) as when you know the technology then you will see if it is good for your needs, also for the ASM and the other modules that F5 has short operations guides:

 

https://support.f5.com/csp/article/K85426947

 

 

 

From CLI you can't do a lot for the ASM module and this is why you use the GUI as this is the new way to go for many security devices like F5 (palo alto etc.). You can use the "ASM Audit Log in Security -> Application Security -> Policy -> Audit -> Logs" to see the changes made for each specific policy and revert to an older version (at one point it was called History menu).

Nikoolayy,

Thank you very much for your help.

I will study with the link you sent.

 

The information via GUI, will help me a lot.

 

Thanks you again!!!!

Hello Mauricio.

Try with:

cat /var/log/asm | grep ASMConfig

Regards,

Dario.

Regards,
Dario.

Dario,

 

Thanks for your help. In this command, I can't see which policy has been updated.