Forum Discussion
Vitaliy_Savrans
Nacreous
Hi,
you can use something like this irule:
when ASM_REQUEST_DONE {
if { [ASM::violation attack_types] equals "ATTACK_TYPE_SQL_INJECTION"} {
ASM::unblock
}
}
More informaton about events in irule https://devcentral.f5.com/wiki/iRules.ASM__violation.ashx
nathe
Nov 12, 2014Cirrocumulus
And if you haven't already I believe you need to pop a check against "Trigger ASM iRule Events" in the policy (configuration/advanced screen).