Altostratus
NimbostratusHello,
In case of this request, it appears you have all the information you will need. The block was initiated because the HTTP status for the HTTP response from backend server is 409. That is not permitted according to your policy settings, and ultimately that's the cause of user request getting blocked.
If you click on Violations -> "Illegal HTTP status in response". You will probably see a "view details..." link to click on? If there, click on it as it will present you the exact request and violation details. Try the same for your other violations - if the link is not there, you're out of luck.
To prevent the same from happening again in the future, I recommend to tweak your logging solution so that only one production violation (non-staging entity) will be logged per single request. There are admins out there that will disagree, but I personally do not care for all the violation details of a request that violated several rules. The ASM action will be the same as in case of a single violation and that's why the details of a single violation will suffice, unless you really want to apply a different action in case of multiple violations.