Frank_Nsubuga_3
Jan 17, 2019Nimbostratus
Violation appearing in the event logs but not ASM learning suggestions
Hi,
I've gone through DevCentral so I know similar questions have been asked, but none have the right answer.
When I type this URL: [HTTPS] /en/ty.exe, I get a violation/ support ID for the following:
Detected Violations
Illegal file type [1]
Illegal URL length [1]
Illegal request length [1]
The traffic is quite rightly blocked, but nothing appears within the learning suggestions.
All of the violations are set to learn in the "learning & block settings".
The policy is in manual learning with a
Does everything that appears in the event logs not create a learning suggestion even if you've got it set to do so?
Is this decided by the ASM policy learning speeds? (Fast, enhanced and comprehensive)