ADC CLI Commands

appfw

The following operations can be performed on “appfw”:

stat appfw

Displays application firewall statistics.

Synopsis

stat appfw [-detail] [-fullValues] [-ntimes ] [-logFile ] [-clearstats ( basic | full )]

Arguments

detail Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.

fullValues Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated

ntimes The number of times, in intervals of seven seconds, the statistics should be displayed. Default value: 1 Minimum value: 0

logFile The name of the log file to be used as input.

clearstats Clear the statsistics / counters

Possible values: basic, full

Output

Counters

total log messages (totlogs) Total number of security check log messages generated by the Application Firewall.

total violations (totviols) Total number of security check violations seen by the Application Firewall.

Recent Ave Response Time (ms) (shortAvgRespTime) Average backend response time in milliseconds over the last 7 seconds

Long Term Ave Response Time (ms) (longAvgRespTime) Average backend response time in milliseconds since reboot

requests (reqs) HTTP/HTTPS requests sent to your protected web servers via the Application Firewall.

Request Bytes (reqBytes) Number of bytes transfered for requests

responses (resps) HTTP/HTTPS responses sent by your protected web servers via the Application Firewall.

Response Bytes (resBytes) Number of bytes transfered for responses

aborts Incomplete HTTP/HTTPS requests aborted by the client before the Application Firewall could finish processing them.

redirects (redirect) HTTP/HTTPS requests redirected by the Application Firewall to a different Web page or web server. (HTTP 302)

Traps Dropped (trapsDr) AppFirewall SNMP traps dropped due to time limit.

start URL (startURL) Number of Start URL security check violations seen by the Application Firewall.

deny URL (denyURL) Number of Deny URL security check violations seen by the Application Firewall.

referer header (refererHdr) Number of Referer Header security check violations seen by the Application Firewall.

buffer overflow (bufovfl) Number of Buffer Overflow security check violations seen by the Application Firewall.

Post Body Limit (postBodyLimit) Number of Post Body Limit security check violations seen by the Application Firewall.

cookie consistency (cookie) Number of Cookie Consistency security check violations seen by the Application Firewall.

cookie hijacking (cookie_hijack) Number of Cookie Hijacking security violations seen by the Application Firewall.

CSRF form tag (csrf_tag) Number of Cross Site Request Forgery form tag security check violations seen by the Application Firewall.

HTML Cross-site scripting (xss) Number of HTML Cross-Site Scripting security check violations seen by the Application Firewall.

HTML SQL injection (sql) Number of HTML SQL Injection security check violations seen by the Application Firewall.

field format (fieldfmt) Number of Field Format security check violations seen by the Application Firewall.

field consistency (fieldcon) Number of Field Consistency security check violations seen by the Application Firewall.

File Upload Types (fileUploadTypes) Number of Field Upload Types security check violations seen by the Application Firewall.

Infer Content Type XML Payload (inferContentType) Number of Mismatched Content-Type in request with XML Payload security check violations seen by the Application Firewall.

credit card (ccard) Number of Credit Card security check violations seen by the Application Firewall.

safe object (safeobj) Number of Safe Object security check violations seen by the Application Firewall.

Signature Violations (sigs) Number of Signature violations seen by the Application Firewall.

content Type (contentType) Number of Content type security check violations seen by the Application Firewall.

HTML CMD injection (cmd) Number of HTML CMD Injection security check violations seen by the Application Firewall.

JSON Denial of Service (jsondosViolations) Number of JSON Denial-of-Service security check violations seen by the Application Firewall.

JSON SQL injection (jsonsqlViolations) Number of JSON SQL Injection security check violations seen by the Application Firewall.

JSON Cross-Site Scripting (jsonxssViolations) Number of JSON Cross-Site Scripting (XSS) security check violations seen by the Application Firewall.

JSON CMD injection (jsoncmdViolations) Number of JSON Command Injection security check violations seen by the Application Firewall.

XML Format (wfcViolations) Number of XML Format security check violations seen by the Application Firewall.

XML Denial of Service (XDoS) (xdosViolations) Number of XML Denial-of-Service security check violations seen by the Application Firewall.

XML Message Validation (msgvalViolations) Number of XML Message Validation security check violations seen by the Application Firewall.

Web Services Interoperability (wsIViolations) Number of Web Services Interoperability (WS-I) security check violations seen by the Application Firewall.

XML SQL Injection (xmlSqlViolations) Number of XML SQL Injection security check violations seen by the Application Firewall.

XML Cross-Site Scripting (xmlXssViolations) Number of XML Cross-Site Scripting (XSS) security check violations seen by the Application Firewall.

XML Attachment (xmlAttachmentViolations) Number of XML Attachment security check violations seen by the Application Firewall.

SOAP Fault Violations (soapflt) Number of requests returning soap:fault from the backend server

XML Generic Violations (genflt) Number of requests returning XML generic error from the backend server

HTML SQL injection (SQL grammar) (sqlgram) Number of HTML SQL Injection security check violations (using SQL grammar) seen by the Application Firewall.

JSON SQL injection (SQL grammar) (jsonsqlViolations) Number of JSON SQL Injection security check violations (reported using SQL grammar) seen by the Application Firewall.

start URL logs (startURLLog) Number of Start URL security check log messages generated by the Application Firewall.

deny URL logs (denyURLLog) Number of Deny URL security check log messages generated by the Application Firewall.

referer header logs (refererHdrLog) Number of Referer Header security check log messages generated by the Application Firewall.

buffer overflow logs (bufovflLog) Number of Buffer Overflow security check log messages generated by the Application Firewall.

Post Body Limit Logs (postBodyLimitLogs) Number of Post Body Limit security check logs seen by the Application Firewall.

cookie consistency logs (cookieLog) Number of Cookie Consistency security check log messages generated by the Application Firewall.

cookie hijacking logs (cookiehijackLog) Number of Cookie Hijacking security violation log messages generated by the Application Firewall.

CSRF form tag logs (csrf_tagLog) Number of Cross Site Request Forgery form tag security check log messages generated by the Application Firewall.

HTML XSS logs (xssLog) Number of HTML Cross-Site Scripting security check log messages generated by the Application Firewall.

HTML XSS transform logs (xssXformLog) Number of HTML Cross-Site Scripting security check transform log messages generated by the Application Firewall.

HTML SQL logs (sqlLog) Number of HTML SQL Injection security check log messages generated by the Application Firewall.

HTML SQL transform logs (sqlXformLog) Number of HTML SQL Injection security check transform log messages generated by the Application Firewall.

field format logs (fieldfmtLog) Number of Field Format security check log messages generated by the Application Firewall.

field consistency (fieldconLog) Number of Field Consistency security check log messages generated by the Application Firewall.

credit cards (ccardLog) Number of Credit Card security check log messages generated by the Application Firewall.

safe object logs (safeobjLog) Number of Safe Object security check log messages generated by the Application Firewall.

Signature logs (sigsLog) Number of Signature logs generated by the Application Firewall.

content Type logs (contentTypeLog) Number of content type security check log messages generated by the Application Firewall.

JSON Denial of Service logs (jsondosLogs) Number of JSON Denial-of-Service security check log messages generated by the Application Firewall.

JSON SQL injection logs (jsonsqlLogs) Number of JSON SQL Injection security check log messages generated by the Application Firewall.

JSON Cross-Site Scripting logs (jsonxssLogs) Number of JSON Cross-Site Scripting (XSS) security check log messages generated by the Application Firewall.

JSON CMD injection logs (jsoncmdLogs) Number of JSON Command Injection security check log messages generated by the Application Firewall.

file upload types logs (fileUploadTypesLog) Number of File Upload Types security check log messages generated by the Application Firewall.

Infer Content Type XML Payload Logs (inferContentTypeLog) Number of Mismatched Content-Type in request with XML Payload security check logs seen by the Application Firewall.

HTML Command Injection logs (cmdLog) Number of HTML Command Injection security check log messages generated by the Application Firewall.

XML Format logs (wfcLogs) Number of XML Format security check log messages generated by the Application Firewall.

XML Denial of Service (XDoS) log messages (xdosLogs) Number of XML Denial-of-Service security check log messages generated by the Application Firewall.

XML Message Validation logs (msgvalLogs) Number of XML Message Validation security check log messages generated by the Application Firewall.

WSI logs (wsILogs) Number of Web Services Interoperability (WS-I) security check log messages generated by the Application Firewall.

XML SQL Injection logs (xmlSqlLogs) Number of XML SQL Injection security check log messages generated by the Application Firewall.

XML XSS logs (xmlXssLogs) Number of XML Cross-Site Scripting (XSS) security check log messages generated by the Application Firewall.

XML Attachment logs (xmlAttachmentLogs) Number of XML Attachment security check log messages generated by the Application Firewall.

SOAP Fault logs (soapfltLog) Number of requests generating soap:fault log messages

XML Generic logs (genfltLog) Number of requests generating XML generic error log messages

HTML SQL logs (SQL grammar) (sqlGramLog) Number of HTML SQL Injection security check log messages (reported by SQL grammar) generated by the Application Firewall.

JSON SQL injection logs (SQL grammar) (jsonsqlGramLogs) Number of JSON SQL Injection security check log messages (reported by SQL grammar) generated by the Application Firewall.

HTTP Client Errors (4xx Resp) (4xxResps) Number of requests returning HTTP 4xx from the backend server

HTTP Server Errors (5xx Resp) (5xxResps) Number of requests returning HTTP 5xx from the backend server

credit card log transform messages (ccardXformLog) Number of Credit Card security check transform log messages generated by the Application Firewall.

appfw