Was trying to obfuscate by changing the cookie name in the persistence cookie profile, but I'm still seeing instances of Learning suggestions in ASM (WAF) for the default cookie name BIGipServer<pool_name>
I've confirmed the persistence profile did save the changes, and is in use on the Virtual Server. Checking the cookie names in use on a browser shows the correct (updated) cookie name.
Is this a bug perhaps? I'm on 18.104.22.168.0.7
The change you made in the cookie insert profile applies to new connections only.
If there are current KeepAlive connections of clients (i.e. a typical webbrowser keeps connections open, even if having the site open in a tab or a different window).
There might be users which got the default cookie and simply did not close their browsers completely. They will keep sending the (unwanted) cookie until the browser is completely closed and this session cookie will be discarded.
Yep, and the ASM learning suggestions are seeing the default BIGIP cookie still and suggesting I add it that way, when in theory? the default cookie shouldn't be in use. I'm going to try setting an expiration timer on the cookie as opposed to session, and see if that clears any old cookies users may still have (I'm thinking even after several weeks.. users may not have closed their browsers)