Bug ID 428010: Remote logging of signature risk and accuracy

Last Modified: Nov 22, 2021

Affected Product(s):
BIG-IP ASM(all modules)

Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1

Fixed In:
11.5.0, 11.4.1 HF6

Opened: Aug 15, 2013

Severity: 3-Major


Signature risk and accuracy may not show up in remote logger messages when "sig_names" is included.


Remote logger message does not contain risk and accuracy


Configure remote logger adding "sig_names" field. Restart ASM


Add or modify a user-defined signature with "Auto Apply" enabled

Fix Information

The remote logger message now contains an attack signature's risk and accuracy after you perform the following: configure a remote logger including the "sig_names" field, add the "remote_logger_include_sig_risk_accuracy" flag from the command line (/usr/share/ts/bin/add_del_internal add remote_logger_include_sig_risk_accuracy 1), restart ASM, and send a request to trigger the Attack Signature violation.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips