Forum Discussion
ghost-rider_124
Jun 01, 2015Nimbostratus
- boneyardJun 01, 2015MVPthe only other field that lists days, the staging-tightening period.
- ghost-rider_124Jun 02, 2015NimbostratusThanks boneyard. Again the same question, one 7 days over, ASM automatically puts the signature out of staging? sorry for my ignorance
- natheJun 02, 2015CirrocumulusAfraid not. You need to Enforce them manually in he staging-tightening part of the GUI.
- natheJun 02, 2015CirrocumulusSee https://support.f5.com/kb/en-us/products/big-ip_asm/manuals/product/asm-config-11-2-0/asm_learning.html
- ghost-rider_124Jun 02, 2015NimbostratusHi Nathan Thanks. Now I got the idea how to manually enforce all signatures that does not have violations after 7 days and the signatures that have violations then I have to check for false positive and enable or disable. I have just last few questions. Currently under attack signatures for the policy, 'learn' is 'unchecked' and under logging profile of policy 'log illegal request' is there. First Question - So to get the learning suggestion of new attack signatures, should I have to do below: i- Enable 'learn' for the attack signatures ii- logging profile for policy select "Log All Request" Second Question - What about the existing signature that just updated but not in staging, I will still get the learning suggestion or not?
- ghost-rider_124Jun 07, 2015NimbostratusHello Could you please reply on above question. Appreciated your time
- natheJun 08, 2015Cirrocumulusi yes ii not necessarily, that is separate to learning, more about seeing violations or all requests iii once you enable learn for attack signatures you will see manual traffic learning populated.
- ghost-rider_124Jun 08, 2015NimbostratusThanks a lot!
- natheJun 08, 2015Cirrocumulusno probs