Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

IP Address Exception set to Never Log - continues to log for IP in this /20 range

saidshow
Cirrus
Cirrus

‎19-Sep-2021 20:56

We recently upgraded to Big IP ver 15.1.2.1 and have had a couple minor issues along the way.

 

We have created a new ASM policy and added an "IP Address Exception" to this policy. The exception includes a /20 CIDR (net mask 255.255.240.0). The setting for this IP Exception are as follows:

 

  • Policy Builder: Don't Trust IP
  • Brute Force Detection: Include IP
  • Learning Suggestions: Ignore IP
  • Log Traffic: Never Log
  • Block this IP: Policy Default
  • IP Intelligence: Include IP

 

The issue we have is that despite this setting: "Log Traffic: Never Log", we continue to see alerts logged for these IPs. As this is a scanner service we pay for, we wish to prevent this from logging in our TEST environment.

 

Has anyone had an issue where they were unable to prevent the logging of events despite the IP Address Exception being in place?

 

Thank you

Labels:
0 Kudos
0 REPLIES 0
Copyright © 2023 Khoros, LLC