Skip to content

appfw-learningdata

The following operations can be performed on "appfw-learningdata":

reset| rm| export| show|

reset appfw learningdata

Remove all databases. Make transaction count zero

Synopsis

reset appfw learningdata

rm appfw learningdata

Removes unreviewed application firewall learning data for the specified application firewall profile.

Synopsis

rm appfw learningdata (-startURL | -cookieConsistency | (-fieldConsistency ) | -contentType | (-crossSiteScripting [] [ ]) | (-SQLInjection [] [ ]) | (-fieldFormat ) | (-CSRFTag ) | (-CreditCardNumber ) | -XMLDoSCheck | -XMLWSICheck | -XMLAttachmentCheck ) [-TotalXMLRequests]

Arguments

profileName Name of the profile.

startURL Start URL configuration.

cookieConsistency Cookie Name.

fieldConsistency Form field name.

formActionURL Form action URL.

contentType Content Type Name.

crossSiteScripting Cross-site scripting.

formActionURL Form action URL.

location Location of cross-site scripting exception - form field, header, cookie or url.

Possible values: FORMFIELD, HEADER, COOKIE, URL

valueType XSS value type. (Tag | Attribute | Pattern)

Possible values: Tag, Attribute, Pattern

valueExpression XSS value expressions consistituting expressions for Tag, Attribute or Pattern.

SQLInjection Form field name.

formActionURL Form action URL.

location Location of sql injection exception - form field, header or cookie.

Possible values: FORMFIELD, HEADER, COOKIE

valueType SQL value type. Keyword, SpecialString or Wildchar

Possible values: Keyword, SpecialString, Wildchar

valueExpression SQL value expressions consistituting expressions for Keyword, SpecialString or Wildchar.

fieldFormat Field format name.

formActionURL Form action URL.

CSRFTag CSRF Form Action URL

CSRFFormOriginURL CSRF Form Origin URL.

CreditCardNumber The object expression that is to be excluded from safe commerce check.

CreditCardNumberUrl The url for which the list of credit card numbers are needed to be bypassed from inspection

XMLDoSCheck XML Denial of Service check, one of MaxAttributes MaxAttributeNameLength MaxAttributeValueLength MaxElementNameLength MaxFileSize MinFileSize MaxCDATALength MaxElements MaxElementDepth MaxElementChildren NumDTDs NumProcessingInstructions NumExternalEntities MaxEntityExpansions MaxEntityExpansionDepth MaxNamespaces MaxNamespaceUriLength MaxSOAPArraySize MaxSOAPArrayRank

XMLWSICheck Web Services Interoperability Rule ID.

XMLAttachmentCheck XML Attachment Content-Type.

TotalXMLRequests Total XML requests.

export appfw learningdata

Export appfw learnt data in csv format to the location /var/learnt_data/

Synopsis

export appfw learningdata [-target ]

Arguments

profileName Name of the profile.

securityCheck Name of the security check.

Possible values: startURL, cookieConsistency, fieldConsistency, crossSiteScripting, SQLInjection, fieldFormat, CSRFtag, XMLDoSCheck, XMLWSICheck, XMLAttachmentCheck, TotalXMLRequests, creditCardNumber, ContentType

target Target filename for data to be exported.

show appfw learningdata

Displays the unreviewed application firewall learning data for the specified profile and security check.

Synopsis

show appfw learningdata

Arguments

profileName Name of the profile.

securityCheck Name of the security check.

Possible values: startURL, cookieConsistency, fieldConsistency, crossSiteScripting, SQLInjection, fieldFormat, CSRFtag, XMLDoSCheck, XMLWSICheck, XMLAttachmentCheck, TotalXMLRequests, creditCardNumber, ContentType

Output

url Learnt url

name Learnt field name

fieldType Learnt field type

fieldFormatMinLength The minimum allowed length for data in this form field.

fieldFormatMaxLength The maximum allowed length for data in this form field.

fieldFormatCharMapPCRE Form field value allowed character map.

valueType Learnt field value type

value Learnt field value

hits Learnt entity hit count

data Learned data.

devno count stateflag

Was this article helpful?