Bug ID 428010: Remote logging of signature risk and accuracy

Last Modified: Oct 10, 2018

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
11.2.1, 11.3.0, 11.4.0, 11.4.1

Fixed In:
11.5.0, 11.4.1 HF6

Opened: Aug 15, 2013
Severity: 3-Major

Symptoms

Signature risk and accuracy may not show up in remote logger messages when "sig_names" is included.

Impact

Remote logger message does not contain risk and accuracy

Conditions

Configure remote logger adding "sig_names" field. Restart ASM

Workaround

Add or modify a user-defined signature with "Auto Apply" enabled

Fix Information

The remote logger message now contains an attack signature's risk and accuracy after you perform the following: configure a remote logger including the "sig_names" field, add the "remote_logger_include_sig_risk_accuracy" flag from the command line (/usr/share/ts/bin/add_del_internal add remote_logger_include_sig_risk_accuracy 1), restart ASM, and send a request to trigger the Attack Signature violation.

Behavior Change