Application Security Policy - Event Logs

Question

How do I tell if the events under Security --&gt; Event Logs --&gt; Application --&gt; Request are being permitted or blocked?How do I enable Response logging?What does it mean to Delete Request, Export Request, and Accept Request?  If the request is accepted does this permit this type request?
Thanks!&nbsp;

nathe · Answer

Johnnyx&nbsp;

Dependant on version there'll be an icon to quickly tell you whether the request has been blocked, for example. A blocked request is a red circle with a white line through it.&nbsp;

Enable Response Logging in a custom Logging profile&nbsp;

Delete means to get rid of the request altogether, export will export the details to a HTML file and Accept means ASM will add an entry into the policy which will allow the request. For example, to allow a disallowed metacharacter perhaps.

Hope this helps,&nbsp;
N&nbsp;

Forum Discussion

Application Security Policy - Event Logs

1 Reply

Recent Discussions

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

F5 terminal - help to run commands - disk space full

Can iRule be used to perform exception of IPI category based on Geolocation

Related Content

Minimizing Security Complexity: Managing Distributed WAF Policies

Secure Your Epic Applications in a Flash with F5 FAST Templates & Declarative AWAF Policies

Enhance your Application Security using Client-side signals

Securing and Scaling Hybrid Application with F5 NGINX (Part 1)

F5 BIG-IP Advanced WAF: OWASP Top 10 Application Security Risks 2021 Compliance Dashboard