Bug ID 737597: AVR DoS Attack report misses virtual server name in a specific config

Last Modified: May 29, 2024

Affected Product(s):
BIG-IP AFM(all modules)

Known Affected Versions:
12.0.0, 12.0.0 HF1, 12.1.0 HF1, 12.0.0 HF2, 12.1.0 HF2, 12.0.0 HF3, 12.0.0 HF4, 12.1.1 HF1, 12.1.1 HF2, 12.1.2 HF1, 12.1.2 HF2, 12.1.0, 12.1.1, 12.1.2, 12.1.3,,,,,,,

Fixed In:

Opened: Jul 19, 2018

Severity: 3-Major


In Security :: Reporting : DoS : Network, the report shows the attack, but categorizes the attack under 'Aggregated' in the Virtual Server name value, rather than the actual name of the Virtual Server on which the attack is happening.


AVR report missing the Virtual Server information.


-- A Virtual Server is configured with a IP/Subnet range. For example, -- Virtual Server with Destination Address: (meaning the destination range is - -- Destination Address of the Client Traffic and Attack: View AVR Reporting, which does not resolve the to any specific Virtual Server, but instead categorizes the attack as 'Aggregate'.



Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips