Will F5 generate any device id to the client if it is still in transparent mode ? Will my Device ID work in DOS profile if my Bot profile is still in transparent mode ? As for device id to work in context of DOS profile it must be configured under Bot profile as said so.
Solved! Go to Solution.
Yes, this should still be generated. The main difference between Transparent mode and Blocking mode is that it won't take any action, but the process of getting and logging information stays the same.
Hope this helps.
That is what I was wondering about . Thank you AlexBCT and Daniel.. One more thing is there any possible way of verifying device id that is being allocated to the client ? any kind of log or anything ?
In Security ›› Event Logs : Application : Requests you will find information like Source IP, Device ID, Geolocation. You can forward that to some sort of SIEM and build a nice dashboard or view.
That's what you're trying to achieve?
Did you, in the logging profile under section Bot Defense, enable Log Device ID Collection Request?
I am using the default Log all requests profile and a custom Bot Defense logging profile with all checkboxes ticked.
With this config I can see it in Security ›› Event Logs : Bot Defense : Bot Requests when showing All Details (not in Basic view) and also in Security ›› Event Logs : Application : Requests.
I just changed it from GENERATE AFTER ACCESS TO GENERATE BEFORE ACCESS. I could see then see the Device ID in the log . Let me even try the logging part as I have not enable the Bot logging part as well....