UNABLE TO LEARN SOME REQUEST VIOLATION IN BIGIP ASM 12.1.0

Question

I am using BIGip ASM version 12.1.0. I have configured virtual servers &amp; blocking policies on those virtual servers . I am able to learn requests for some violations but for some violations I am not able to learn suggestions in Security--&gt;APPLICATION security--&gt;policy building--&gt;traffic learning but the same requests can be seen in security--&gt;eventlogs--&gt;applictaion--&gt;request. Since I am not able to learn suggestion for this request I am not able to accept or ignore violation.&nbsp;
Please help me if it is a bug or known issue in BigIP 12.1.0&nbsp;

samstep · Answer

Deepti, these violations are not learnable, you will need to add them manually to the policy.&nbsp;
See ASM Configuration Guide: &nbsp;
The following violations are considered unlearnable:&nbsp;
Request length exceeds defined buffer sizeCSRF authentication expiredIllegal session ID in URLLogin URL bypassedLogin URL expiredCookie ViolationsASM Cookie HijackingExpired timestampModified ASM cookieInput ViolationsIllegal number of mandatory parametersFailed to convert characterBrute Force: Maximum login attempts are exceededNull in multi-part parameter valueNegative Security ViolationsVirus detectedRFC ViolationsCookie not RFC-compliant
These are other special violations for which the system does not provide learning suggestions:&nbsp;
Access from disallowed User/Session/IPWeb scraping detected
Hope this helps,&nbsp;
Sam&nbsp;

petewhite · Answer

Can you give us an example please - there are some violations that cannot be learned such as HTTP header errors. Violations related to file types, URLs, parameters etc should have learning suggestions.

deepti_nayak_26 · Answer

I couldnot learn violations for HTTP protocol compliance(Null Request),failed to convert character.&nbsp;

deepti_nayak_26 · Answer

I couldn't learn violations for HTTP protocol compliance(Null Request),failed to convert character.&nbsp;

deepti_nayak_26 · Answer

I couldn't learn violations for HTTP protocol compliance,failed to convert character.&nbsp;

Forum Discussion

UNABLE TO LEARN SOME REQUEST VIOLATION IN BIGIP ASM 12.1.0

6 Replies

Recent Discussions

F5Access | MacOS Sonoma

Rewrite uri translation not working

Chrome V 124+ on MacOS - Virtual Server Access Issue

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Unable to access GUI

Distributed caching of authentication requests with NGINX Ingress Controller

Rate limiting GraphQL API query using iRule and Advanced WAF Violation

Logging DNS Requests

Separating False Positives from Legitimate Violations