cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

Attack Signature Staging Audit / History

danielpenna
Cirrus
Cirrus

Hi Team,

I have just started my attack signature journey being automatically pushed out via Big-IQ and loving the fact that I no longer have to deal with change windows etc! Currently my production system is just setup for auto updates and still require manually activation out of staging to be enabled.

 

In my Nonprod environment, I have the same autoupdate of attack signatures for the last few months and have setup autostaging ( I think I have! ) by setting my staged time to 14 days. The question is, is there a log/history/event that I can view that shows when attack signatures move out of staging and where the heck do I find it ?

2 REPLIES 2

NAG
Cirrostratus
Cirrostratus

Hi,

 

1) Go to Security  ››  Application Security : Attack Signatures

2) Select the ASM policy you want to work with

3) In advanced search section, set Staging value to "ready to be enforced"

0691T000008GLj6QAG.png

and click on Go.

 

Hope this helps,

Nag

 

danielpenna
Cirrus
Cirrus

Hi Nag,

Probably didnt explain my question very well. I have set up a 14 day time period for staging, so the assumption is after the 14 days these staged signatures go into blocking with the policy ( if staging is succesful ). I am trying to find on the F5 WHERE the logs for this transition from staging to blocking is.