accept new suggestions from ASM

Question

we are hitting some false positives for already learned violations including some attack signatures (learn button grayed out in the event log and action is block) ASM policy already in Blocking.&nbsp;
what is the best practice/procedure to re-enable learning or to be able to check new suggestions from ASM in order to stop blocking legitimate requests.&nbsp;
please note (Learn , Alarm, Block ) are checked in 
Security  ››  Application Security : Policy Building : Learning and Blocking Settings&nbsp;

jad_tabbara__j1 · Answer

Hello Mohammad,&nbsp;
You can reactivate the "Staging" on each entity.&nbsp;
For example if you are getting false positive on parameter you can "check" the setting "Staging" on parameters.&nbsp;
Regards&nbsp;

Forum Discussion

accept new suggestions from ASM

1 Reply

Recent Discussions

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Related Content

Geolocation accept per url path

Difference between Insert X-Forwarded-For and Accept XFF?

How to ensure source address and source port are accepted and traversed properly via F5 SNAT automap

iRule to accept client then SSL cert validation

How to fix your hotel TV when it won’t accept your HDMI input