Technical Forum
Ask questions. Discover Answers.
cancel
Showing results for 
Search instead for 
Did you mean: 

Irule for logging Allowed Response status code

man
Nimbostratus
Nimbostratus

hi everyone

I have configured a policy that 500 code is not in the Allowed Response status code list on Policy Properties tab. But when i use asm events in i rule it doesnt log anything:

when ASM_RESPONSE_VIOLATION {

   log local0. "[ASM::violation_data]. unblocked for [IP::client_addr]"

}

I tested this events but nothing is logged and events doesnt trigger.

ASM_REQUEST_BLOCKING

ASM_REQUEST_DONE

ASM_REQUEST_VIOLATION

ASM_RESPONSE_VIOLATION

IN_DOSL7_ATTACK

1 ACCEPTED SOLUTION

Hi,

 

Did you enable Trigger ASM iRule Events on your ASM policy??

 

Cheers,

 

Kees

View solution in original post

2 REPLIES 2

Hi,

 

Did you enable Trigger ASM iRule Events on your ASM policy??

 

Cheers,

 

Kees

man
Nimbostratus
Nimbostratus

I enabled it and it works fine now. thank you for your response Kees