PowerShellDon_1
Feb 06, 2017Nimbostratus
ASM Logs Override
Hi All, I'm trying to cut down on the amount of logs we sent through from ASM to our SIEM (LogRhythm - if anyone has any tips/help on log policies that'd be great, it's pretty rubbish out of the box)
Majority of ASM logs are for Attack Type "Non Browser Client" or specific URL's such as "/wp-login.php" and exchange autodiscovers... which i just dont need to log or report on.
Any way for me to drop these in ASM before they appear in the logs and get syslog'd to SIEM? An iRule perhaps ?