Bug ID 748999: invalid inactivity timeout suggestion for cookies

Last Modified: Nov 07, 2022

Bug Tracker

Affected Product:  See more info
BIG-IP ASM(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,, 14.0.0,,,,, 14.1.0,

Fixed In:

Opened: Nov 06, 2018
Severity: 4-Minor


ASM will report "invalid inactivity timeout" suggestions to delete a cookie, even though the cookies are being sent and are valid.


Since non-violating traffic is not sent to the policy engine, the inactivity timeout timer is never reset, which will eventually lead to suggestions to delete the inactive cookie entities. These suggestions are erroneous because valid cookies are being sent in the traffic.


- Inactivity timeout feature is configured in Policy Builder - Cookie entity is configured in the policy - Valid, non-violating traffic containing cookies is passed


Ignore the inactive entity suggestions for cookies

Fix Information

Inactivity learning for cookies has been deprecated, the feature does not cover cookies anymore.

Behavior Change