In doing some testing it seems the monthly ASM signature update kicks off at 4:02AM and repeats every 30 days dependent on the day you configured it.
You will see logs similar to the following:
Mar 31 16:03:23 bigipve2 info perl[14997]: 01310053:6: ASMConfig change: Attack Signatures Update Settings [update]: Update Interval was set to monthly.
Apr 2 04:02:03 bigipve2 info asm_config_server_rpc_handler.pl[15813]: The most recent Attack Signatures file is already installed. Signature file update skipped.
Is there a way to schedule a manual cron job that will update signatures on the same day every month (e.g. the 25th of every month)?
- It looks like you would need to edit your cron to run the script /usr/share/ts/bin/update_sigfile.pl at a certain time/date/interval.
- This article might help: K33730915: Overview of anacron utility on the BIG-IP system
- I'm unsure what impact this would have on the GUI configuration for the ASM signature update.
[root@lab-a:Active:Disconnected] config # ls -lh /etc/cron.daily/
total 17K
lrwxrwxrwx. 1 root root 36 2019-02-06 14:19 asm_update_sigfile -> /usr/share/ts/bin/asm_update_sigfile
-rwxr-xr-x. 1 root root 896 2018-06-14 11:24 clean_oblog
-rwxr-xr-x. 1 root root 921 2018-06-14 11:33 cleanup_sync_files
-r-xr-xr-x. 1 root root 528 2018-06-14 10:20 integritycheck
-rwx------. 1 root root 2.3K 2018-06-14 11:42 logrotate
-rwx------. 1 root root 524 2016-06-22 06:46 tmpwatch
lrwxrwxrwx. 1 root root 36 2019-02-06 14:19 update_dpi_sigfile -> /usr/share/ts/bin/update_dpi_sigfile
lrwxrwxrwx. 1 root root 35 2019-02-06 14:19 update_fps_engine -> /usr/share/ts/bin/update_fps_engine
lrwxrwxrwx. 1 root root 39 2019-02-06 14:19 update_fps_signatures -> /usr/share/ts/bin/update_fps_signatures
lrwxrwxrwx. 1 root root 34 2019-02-06 14:19 update_pem_tacdb -> /usr/share/ts/bin/update_pem_tacdb
[root@lab-a:Active:Disconnected] config # crontab -l
MAILTO=""
1-59/10 * * * * /usr/bin/diskmonitor
0 */4 * * * /usr/bin/diskwearoutstat
22 14 * * * /usr/bin/updatecheck -a
22 14 06 * * /usr/bin/phonehome_upload
8 * * * * /usr/bin/copy_rrd save