F5 ASM - Logging Traffic Learning

Question

Hey team,&nbsp;
BIG-IP 12.1.3.5 Build 0.0.10 Point Release 5&nbsp;
Curious if ASM security policy Traffic Learning suggestions has logging, as in what user may have accepted what suggestion, deleted another, etc. &nbsp;
Also, if it has logging around security policy changes. I believe this does occur, but interested in if these (and the above logs, if they exist) can be syslog'd out. If that is the case, may need a quick run-down of where to turn on/expect this type of audit logging configuration.&nbsp;
Much appreciated!&nbsp;

samstep · Answer

every single ASM policy change is logged including traffic learning suggestion acceptance and yes it is sysloged into /var/log/asm - simply search it for a keyword "audit". &nbsp;

Forum Discussion

F5 ASM - Logging Traffic Learning

1 Reply

Recent Discussions

F5Access | MacOS Sonoma

Active- Active HA setup

syslog server connection

Cannot see floating MAC address outside of ESXi

Rewrite uri translation not working

Related Content

iRule to log traffic details

fellow traffic

ASM logs

Logging DNS Requests

Objectif of Learning mode in ASM