ASM- Brute Force Mitigation Dynamic
Hi,
I have a situation here, the dynamic brute force mitigation we set (after a lot of trial and error) detects the login failures however the prevention policy it is applying is not constant. lets say the attack continously happening for 4 hours, i can see from the Brute force logs, entry been created every minute with "average historical failed login=12" and "Detected failed logins=12", "Mitigation= URL based" but actually i dont see any ip's or rejected connections.. but after an hour or sometime for the same values it applied URL-Based mitigation, dropped the ip's for sometime to bring back the URL to normal usage. is there any way i can fix this prevention policy to be constant instead of on/off.. any fixed numbers i can try? any suggestion?