appfw-learningdata¶
The following operations can be performed on "appfw-learningdata":
rm appfw learningdata¶
Removes unreviewed application firewall learning data for the specified application firewall profile.
Synopsis¶
rm appfw learningdata <profileName> (-startURL <expression> | -cookieConsistency <string> | (-fieldConsistency <string> <formActionURL>) | -contentType <string> | (-crossSiteScripting <string> <formActionURL> [<location>] [<valueType> <valueExpression>]) | (-SQLInjection <string> <formActionURL> [<location>] [<valueType> <valueExpression>]) | (-fieldFormat <string> <formActionURL>) | (-CSRFTag <expression> <CSRFFormOriginURL>) | (-CreditCardNumber <expression> <CreditCardNumberUrl>) | -XMLDoSCheck <expression> | -XMLWSICheck <expression> | -XMLAttachmentCheck <expression>) [-TotalXMLRequests]
Arguments¶
profileName
Name of the profile.
startURL
Start URL configuration.
cookieConsistency
Cookie Name.
fieldConsistency
Form field name.
formActionURL
Form action URL.
contentType
Content Type Name.
crossSiteScripting
Cross-site scripting.
formActionURL
Form action URL.
location
Location of cross-site scripting exception - form field, header or cookie.
Possible values: FORMFIELD, HEADER, COOKIE
valueType
XSS value type. (Tag | Attribute | Pattern)
Possible values: Tag, Attribute, Pattern
valueExpression
XSS value expressions consistituting expressions for Tag, Attribute or Pattern.
SQLInjection
Form field name.
formActionURL
Form action URL.
location
Location of sql injection exception - form field, header or cookie.
Possible values: FORMFIELD, HEADER, COOKIE
valueType
SQL value type. Keyword, SpecialString or Wildchar
Possible values: Keyword, SpecialString, Wildchar
valueExpression
SQL value expressions consistituting expressions for Keyword, SpecialString or Wildchar.
fieldFormat
Field format name.
formActionURL
Form action URL.
CSRFTag
CSRF Form Action URL
CSRFFormOriginURL
CSRF Form Origin URL.
CreditCardNumber
The object expression that is to be excluded from safe commerce check.
CreditCardNumberUrl
The url for which the list of credit card numbers are needed to be bypassed from inspection
XMLDoSCheck
XML Denial of Service check, one of MaxAttributes MaxAttributeNameLength MaxAttributeValueLength MaxElementNameLength MaxFileSize MinFileSize MaxCDATALength MaxElements MaxElementDepth MaxElementChildren NumDTDs NumProcessingInstructions NumExternalEntities MaxEntityExpansions MaxEntityExpansionDepth MaxNamespaces MaxNamespaceUriLength MaxSOAPArraySize MaxSOAPArrayRank
XMLWSICheck
Web Services Interoperability Rule ID.
XMLAttachmentCheck
XML Attachment Content-Type.
TotalXMLRequests
Total XML requests.
show appfw learningdata¶
Displays the unreviewed application firewall learning data for the specified profile and security check.
Synopsis¶
show appfw learningdata <profileName> <securityCheck>
Arguments¶
profileName
Name of the profile.
securityCheck
Name of the security check.
Possible values: startURL, cookieConsistency, fieldConsistency, crossSiteScripting, SQLInjection, fieldFormat, CSRFtag, XMLDoSCheck, XMLWSICheck, XMLAttachmentCheck, TotalXMLRequests, creditCardNumber, ContentType
Output¶
url
Learnt url
name
Learnt field name
fieldType
Learnt field type
fieldFormatMinLength
The minimum allowed length for data in this form field.
fieldFormatMaxLength
The maximum allowed length for data in this form field.
fieldFormatCharMapPCRE
Form field value allowed character map.
valueType
Learnt field value type
value
Learnt field value
hits
Learnt entity hit count
data
Learned data.
devno
count
stateflag
reset appfw learningdata¶
Remove all databases. Make transaction count zero
Synopsis¶
reset appfw learningdata
export appfw learningdata¶
Export appfw learnt data in csv format to the location /var/learnt_data/
Synopsis¶
export appfw learningdata <profileName> <securityCheck> [-target <string>]
Arguments¶
profileName
Name of the profile.
securityCheck
Name of the security check.
Possible values: startURL, cookieConsistency, fieldConsistency, crossSiteScripting, SQLInjection, fieldFormat, CSRFtag, XMLDoSCheck, XMLWSICheck, XMLAttachmentCheck, TotalXMLRequests, creditCardNumber, ContentType
target
Target filename for data to be exported.