Ok so the point of staging mode is to allow the ASM and its administrator to see what sort of traffic will pass through it. After the 7 days it will make suggestion and you will want to use those in conjuction with knowledge of the application behind the ASM to make the adjustments in the policy. Once you make a adjustment on a staged entity yes the staging period is restarted again to see if any other violations occur. The idea behind this is that after a while you should see no more suggestions. However if you have this deployed in a full production environment you may still see some due to people poking at your application from the outside looking for soft spots to attack. So you do need to have some knowledge of the application itself to know what is legitimate traffic and what is not if you are not in a "trusted" test environment.
Are you using policy builder or it is just in Transparent mode and you are doing all manual learning?
Mike
Cirrus
