cancel
Showing results for 
Search instead for 
Did you mean: 

AWAF Bot Defense - Sensitive Parameter Masking

Mark_van_D
Cirrostratus
Cirrostratus

Hi there,

Have configured an AWAF policy to mask out a few sensitive parameters for incoming requests and that appears to be working as expected (log entries show data as masked)

However we also have Bot-Defense profiles attached and those same parameters are not masked in its log entries.

Does anyone have a solution for masking parameters across the board?

Thanks

Mark

1 REPLY 1

Better open a case as I think there was a bug but I couldn't find it. Also see if playing with the log publishers and what you can filter if you can hide the data or the HTTP body:

 

https://support.f5.com/csp/article/K11412315

https://support.f5.com/csp/article/K35284961#proc2