14-Jun-2021 23:03
Will F5 generate any device id to the client if it is still in transparent mode ? Will my Device ID work in DOS profile if my Bot profile is still in transparent mode ? As for device id to work in context of DOS profile it must be configured under Bot profile as said so.
Solved! Go to Solution.
15-Jun-2021 08:22
Hi Sushant,
it will be generated in Transparent mode, but you have to enable "Verification and Device-ID Challenges in Transparent Mode".
KR
Daniel
15-Jun-2021 06:49
Hi Sushant,
Yes, this should still be generated. The main difference between Transparent mode and Blocking mode is that it won't take any action, but the process of getting and logging information stays the same.
Hope this helps.
15-Jun-2021 08:22
Hi Sushant,
it will be generated in Transparent mode, but you have to enable "Verification and Device-ID Challenges in Transparent Mode".
KR
Daniel
15-Jun-2021 08:27
Hi Daniel,
That is what I was wondering about . Thank you AlexBCT and Daniel.. One more thing is there any possible way of verifying device id that is being allocated to the client ? any kind of log or anything ?
15-Jun-2021 08:45
In Security ›› Event Logs : Application : Requests you will find information like Source IP, Device ID, Geolocation. You can forward that to some sort of SIEM and build a nice dashboard or view.
That's what you're trying to achieve?
15-Jun-2021 08:46
yes I am going to try out with ELK stack Daniel
15-Jun-2021 10:20
Daniel, Device ID not being displayed in the log side. any solution for this ?
15-Jun-2021 11:03
Did you, in the logging profile under section Bot Defense, enable Log Device ID Collection Request?
I am using the default Log all requests profile and a custom Bot Defense logging profile with all checkboxes ticked.
With this config I can see it in Security ›› Event Logs : Bot Defense : Bot Requests when showing All Details (not in Basic view) and also in Security ›› Event Logs : Application : Requests.
15-Jun-2021 11:09
I just changed it from GENERATE AFTER ACCESS TO GENERATE BEFORE ACCESS. I could see then see the Device ID in the log . Let me even try the logging part as I have not enable the Bot logging part as well....