Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Device ID - Bot/Dos Profile

Go to solution
Sushant
Altostratus
Altostratus

‎14-Jun-2021 23:03

Will F5 generate any device id to the client if it is still in transparent mode ? Will my Device ID work in DOS profile if my Bot profile is still in transparent mode ? As for device id to work in context of DOS profile it must be configured under Bot profile as said so.

0691T00000CpOgQQAV.png

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
Daniel_Wolf
MVP
MVP

‎15-Jun-2021 08:22

Hi Sushant,

 

it will be generated in Transparent mode, but you have to enable "Verification and Device-ID Challenges in Transparent Mode".

0691T00000CpPtpQAF.pngKR

Daniel

View solution in original post

8 REPLIES 8

Go to solution
AlexBCT
MVP
MVP

‎15-Jun-2021 06:49

Hi Sushant,

 

Yes, this should still be generated. The main difference between Transparent mode and Blocking mode is that it won't take any action, but the process of getting and logging information stays the same.

 

Hope this helps.

0 Kudos

Go to solution
Daniel_Wolf
MVP
MVP

‎15-Jun-2021 08:22

Hi Sushant,

 

it will be generated in Transparent mode, but you have to enable "Verification and Device-ID Challenges in Transparent Mode".

0691T00000CpPtpQAF.pngKR

Daniel

Go to solution
Sushant
Altostratus
Altostratus
In response to Daniel_Wolf

‎15-Jun-2021 08:27

Hi Daniel,

 

That is what I was wondering about . Thank you AlexBCT and Daniel.. One more thing is there any possible way of verifying device id that is being allocated to the client ? any kind of log or anything ?

0 Kudos

Go to solution
Daniel_Wolf
MVP
MVP
In response to Sushant

‎15-Jun-2021 08:45

In Security ›› Event Logs : Application : Requests you will find information like Source IP, Device ID, Geolocation. You can forward that to some sort of SIEM and build a nice dashboard or view.

That's what you're trying to achieve?

0 Kudos

Go to solution
Sushant
Altostratus
Altostratus
In response to Sushant

‎15-Jun-2021 08:46

yes I am going to try out with ELK stack Daniel

0 Kudos

Go to solution
Sushant
Altostratus
Altostratus
In response to Sushant

‎15-Jun-2021 10:20

Daniel, Device ID not being displayed in the log side. any solution for this ?

0 Kudos

Go to solution
Daniel_Wolf
MVP
MVP
In response to Sushant

‎15-Jun-2021 11:03

Did you, in the logging profile under section Bot Defense, enable Log Device ID Collection Request?

I am using the default Log all requests profile and a custom Bot Defense logging profile with all checkboxes ticked.

 

0691T00000CpQazQAF.pngWith this config I can see it in Security ›› Event Logs : Bot Defense : Bot Requests when showing All Details (not in Basic view) and also in Security ›› Event Logs : Application : Requests.

0 Kudos

Go to solution
Sushant
Altostratus
Altostratus
In response to Sushant

‎15-Jun-2021 11:09

I just changed it from GENERATE AFTER ACCESS TO GENERATE BEFORE ACCESS. I could see then see the Device ID in the log . Let me even try the logging part as I have not enable the Bot logging part as well....

0 Kudos
Copyright © 2023 Khoros, LLC