14-Mar-2021 06:36
Hi
I wrote this iRule to count violations and send an email notification once it reaches the max rate.
It should send an email notification if the number of violations in ASM / AWAF crosses 100 violations within a maximum of 7 days.
After 7 days the counter will be reset if no violation was encountered.
If during the 7 days the counter reaches 100 violations, it will send the email notification and reset the counter.
https://github.com/ac89live/f5-irules/blob/main/asm%20violation%20counter%20email%20notification.tcl
I tested it and it is working.
If it is not written the best way, and if someone has any suggestions or can enhance it more, he is more than welcome 🙂
Anyway, one thing I'd like to mention is that this iRule uses global variables because there are some variables that need to be the same on all TMMs.
So during the commit you might notice the F5 CLI shows the following message: "demoted from CMP". So be aware of this.
22-Mar-2021 09:43
Nice, thanks. Just a note: for non-static global variables you can test with the table command to share them between TMMs:
https://support.f5.com/csp/article/K13033
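The counter described in this thread, kept in the session table instead of global variables so the virtual server stays CMP-enabled. This is an added example, not the linked iRule and not code from either poster. It assumes ASM iRule events are enabled on the policy; the key name and log text are hypothetical, and the email step is represented by a log line because the page does not show how the linked iRule sends mail.

```tcl
# Added example. The 100-violation threshold and 7-day window come from the
# post; the key name and the log message are assumptions.
when RULE_INIT {
    # static:: variables are set once at load time and do not demote the
    # virtual server from CMP.
    set static::viol_max    100
    set static::viol_window 604800                  ;# 7 days, in seconds
    set static::viol_key    "asm_violation_count"   ;# hypothetical key name
}

when ASM_REQUEST_DONE {
    # Count only requests on which ASM reported at least one violation.
    set names [ASM::violation names]
    if { [llength $names] == 0 } { return }

    # table incr is atomic and shared by every TMM. It also touches the
    # entry, so the idle timer restarts on each violation.
    set count [table incr $static::viol_key]

    # An entry created by table incr starts with the default 180-second
    # timeout. Extend it so the counter expires only after 7 days with
    # no violation.
    if { $count == 1 } {
        table timeout $static::viol_key $static::viol_window
    }

    # Only one request receives the value 100 from table incr, so the
    # alert fires once per cycle even when several TMMs count at once.
    if { $count == $static::viol_max } {
        log local0.alert "ASM violation threshold reached: $count violations, last: $names"
        table delete $static::viol_key
    }
}
```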