What does session_id = 0 means in ASM session tracking?
We have an ASM policy with session tracking enabled and working fine and we noticed that several ASM logs hace a session_id equals to 0. We suspected some botnet source but we don't know what it's the meaning of that zero value. How is usually got a value this parameter and why is set to zero in those cases?
Session Tracking with ASM - Block All Vs Delay Blocking
Hi Guys, I'm just looking to understand exactly the difference between the 'Block All' and 'Delay Blocking' options for session tracking on ASM policy. Both seem to block after a defined threshold is reached and will block for a defined period of time. It looks like the 'Delay Blocking' options is more granular however I expect that there is something significant I am overlooking. Also, the application I wish to use session tracking on does not have a login page. As a result I will be setting the 'Application Username' to 'none'. Will this allow me to still accurately track if an individual is spamming the application? Thank you