Hi Daniel,
bot profiles is already configured with device ID enabled and enforcement mode is set to transparent in system.
As i have verified other settings there is no brute force attack/DOS protection enabled for virtual server. The Application security policy configured with minimal protection as only few parameters are set to block or alarm. Could you please suggest which parameters should be blocked ?
Also could you please let me know how to collect such flood type request in application event logs to prepare report on it.
thanks