ASM

Description

iRules commands and events relating to the Application Security Manager (ASM) module

Command List

  • ASM::client_ip - Returns the IP address of the end client that sent the present request
  • ASM::disable - Disables plugin processing on the connection.
  • ASM::enable - Enables plugin processing on the connection.
  • ASM::fingerprint - returns the FP id if available
  • ASM::payload - This command retrieves or replaces the payload collected by ASM.
  • ASM::raise - Issues a user-defined violation on the present request
  • ASM::severity - Returns the overall severity of the violations found in the transaction (both request and response)
  • ASM::signature - returns the list of signatures
  • ASM::status - Returns the current status of the request or response
  • ASM::support_id - Returns the support id of the present HTTP transaction
  • ASM::unblock - Overrides the blocking action for a request that had blocking violation
  • ASM::violation - Returns the list of violations found in the present request or response together with details on each one
  • ASM::violation_data - This command exposes violation data using a multiple buffers instance
  • DOSL7::disable - Disables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::enable - Enables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::profile - returns the DOS profile from which the L7-DoS policy is extracted

Event List

  • ASM_REQUEST_BLOCKING - Triggered when ASM is generating the reject-response and gives the iRule a chance to modify that reject-response before it is sent.
  • ASM_REQUEST_DONE - triggered after ASM finished processing the request and found all violations of the ASM policy
  • ASM_REQUEST_VIOLATION - Triggered when ASM detects that a request violates an ASM security policy.
  • ASM_RESPONSE_VIOLATION - Triggered when ASM detects that a response violates an ASM security policy.
  • IN_DOSL7_ATTACK - Triggered when ASM detects that a request violates an ASM security policy for Denial of Service attacks

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.