Bug ID 977701: Web Application Security/Bot Traffic Dashboards 500 Server Error following upgrade to 8.0

Last Modified: Jul 12, 2023

Affected Product(s):
BIG-IQ Web App Security (ASM)(all modules)

Known Affected Versions:
7.1.0,,,, 7.1.6,, 7.1.7,,, 7.1.8,,,,,, 7.1.9,,,

Opened: Dec 31, 2020

Severity: 4-Minor


In rare cases, following an upgrade from a BIG-IQ version 7.1 to 8.0, the Web Application Security Dashboard or Bot Traffic Dashboard might display a 500 error.


The system returns an unexpected error (500 Server Error): status:500, body:{"error":{"httpStatus":"INTERNAL_SERVER_ERROR","code":1002,"message":"INTERNAL_SERVER_ERROR: ElasticsearchStatusException[Elasticsearch exception [type=too_long_frame_exception, reason=An HTTP line is larger than 4096 bytes.]]","errorStack":[],"restOperationId":"0615d70c-8d06-444a-b5bb-e0d7ffe0ca55"}}


Following a period of time that a system is powered down (several days, or more), upgrade a BIG-IQ to version 8.0. Go to the Web Application Security Dashboard (Monitoring : DASHBOARDS : Web Application Security).


Add the 'http.max_initial_line_length: 10mb' parameter to /var/config/rest/elasticsearch/config/elasticsearch.yml on all nodes (CMs and DCDs), and then restart elastic search on each node: bigstart restart elasticsearch

Fix Information


Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips