appfw-learningdata¶
The following operations can be performed on "appfw-learningdata":
export appfw learningdata¶
Export appfw learnt data in csv format to the location /var/learnt_data/
Synopsis¶
export appfw learningdata
Arguments¶
profileName Name of the profile.
securityCheck Name of the security check.
Possible values: startURL, cookieConsistency, fieldConsistency, crossSiteScripting, SQLInjection, fieldFormat, CSRFtag, XMLDoSCheck, XMLWSICheck, XMLAttachmentCheck, TotalXMLRequests, creditCardNumber, ContentType
target Target filename for data to be exported.
reset appfw learningdata¶
Remove all databases. Make transaction count zero
Synopsis¶
reset appfw learningdata
rm appfw learningdata¶
Removes unreviewed application firewall learning data for the specified application firewall profile.
Synopsis¶
rm appfw learningdata
Arguments¶
profileName Name of the profile.
startURL Start URL configuration.
cookieConsistency Cookie Name.
fieldConsistency Form field name.
formActionURL Form action URL.
contentType Content Type Name.
crossSiteScripting Cross-site scripting.
formActionURL Form action URL.
location Location of cross-site scripting exception - form field, header, cookie or url.
Possible values: FORMFIELD, HEADER, COOKIE, URL
valueType XSS value type. (Tag | Attribute | Pattern)
Possible values: Tag, Attribute, Pattern
valueExpression XSS value expressions consistituting expressions for Tag, Attribute or Pattern.
SQLInjection Form field name.
formActionURL Form action URL.
location Location of sql injection exception - form field, header or cookie.
Possible values: FORMFIELD, HEADER, COOKIE
valueType SQL value type. Keyword, SpecialString or Wildchar
Possible values: Keyword, SpecialString, Wildchar
valueExpression SQL value expressions consistituting expressions for Keyword, SpecialString or Wildchar.
fieldFormat Field format name.
formActionURL Form action URL.
CSRFTag CSRF Form Action URL
CSRFFormOriginURL CSRF Form Origin URL.
CreditCardNumber The object expression that is to be excluded from safe commerce check.
CreditCardNumberUrl The url for which the list of credit card numbers are needed to be bypassed from inspection
XMLDoSCheck XML Denial of Service check, one of MaxAttributes MaxAttributeNameLength MaxAttributeValueLength MaxElementNameLength MaxFileSize MinFileSize MaxCDATALength MaxElements MaxElementDepth MaxElementChildren NumDTDs NumProcessingInstructions NumExternalEntities MaxEntityExpansions MaxEntityExpansionDepth MaxNamespaces MaxNamespaceUriLength MaxSOAPArraySize MaxSOAPArrayRank
XMLWSICheck Web Services Interoperability Rule ID.
XMLAttachmentCheck XML Attachment Content-Type.
TotalXMLRequests Total XML requests.
show appfw learningdata¶
Displays the unreviewed application firewall learning data for the specified profile and security check.
Synopsis¶
show appfw learningdata
Arguments¶
profileName Name of the profile.
securityCheck Name of the security check.
Possible values: startURL, cookieConsistency, fieldConsistency, crossSiteScripting, SQLInjection, fieldFormat, CSRFtag, XMLDoSCheck, XMLWSICheck, XMLAttachmentCheck, TotalXMLRequests, creditCardNumber, ContentType
Output¶
url Learnt url
name Learnt field name
fieldType Learnt field type
fieldFormatMinLength The minimum allowed length for data in this form field.
fieldFormatMaxLength The maximum allowed length for data in this form field.
fieldFormatCharMapPCRE Form field value allowed character map.
valueType Learnt field value type
value Learnt field value
hits Learnt entity hit count
data Learned data.
devno count stateflag