Forum Discussion

man's avatar
man
Icon for Nimbostratus rankNimbostratus
Dec 20, 2021
Solved

Irule for logging Allowed Response status code

hi everyone

I have configured a policy that 500 code is not in the Allowed Response status code list on Policy Properties tab. But when i use asm events in i rule it doesnt log anything:

when ASM_RESPONSE_VIOLATION {

   log local0. "[ASM::violation_data]. unblocked for [IP::client_addr]"

}

I tested this events but nothing is logged and events doesnt trigger.

ASM_REQUEST_BLOCKING

ASM_REQUEST_DONE

ASM_REQUEST_VIOLATION

ASM_RESPONSE_VIOLATION

IN_DOSL7_ATTACK

  • Hi,

     

    Did you enable Trigger ASM iRule Events on your ASM policy??

     

    Cheers,

     

    Kees