16-May-2023 11:57
Hello everyone, I am currently looking to see if there is any way to find out how much blocking each individual security policy has in place. I have not seen any reports I can run that would show the amount of blocking a policy currently has in place. I am told I might be able to get this info with commands from the iRest API, but I have not had any luck yet. Any input or help would be appreciated. BIG-IP ASM Module.
25-May-2023 06:14
When I look at Security Policy Configuration\Attack signatures for each security policy, we can see which signatures are enforced and in blocking, I wanted to see if their was a report I can run to see how many of the enforced signatures have the blocking checkmark. I have attached a jpg to help understand my question.
25-May-2023 08:59
@rsk22 try having a look a this script:
https://lnxgeek.org/doku.php/howtos:disable_an_attack_signature_via_api
It is a script I made to disable a signature but it can easily be modified to your needs.
Let me know if it helps you.
26-May-2023 05:42
I will take a look, thank you.