Skip to content

af_waf_relaxation_rules

Configuration for WAF Learning engine ready to deploy relaxation rules learnt for Level 2 resource.

Properties

(click to see Operations )

Name Data Type Permissions Description
sms_profile <String> Read-write SMS Profile name.
field_type <String> Read-write Field type to be relaxed.

Maximum length = 512
is_auto_deploy <Boolean> Read-write Field to check if auto deploying is ENABLED/DISABLED.
status <Boolean> Read-write Status is true when the rule is enabled and false when the rule is disabled.
mode <Integer> Read-write Deployment mode would be OPEN(0) / CLOSE(1).
count_value <Integer> Read-write count for the number of times this rule has caused violation.
slack_profile <String> Read-write Slack Profile name.
grace_period <Double> Read-write time before a rule is auto deployed.
ctnsappname <String> Read-write ctnsappname.

Maximum length = 255
violation_location <Integer> Read-write Violation Location.
violation_id <Integer> Read-write Violation Category.
field_name <String> Read-write Field name to be relaxed.

Maximum length = 512
resourceid <String> Read-write Resource Id generated for each relaxation rule which is bound to appfw profile..

Minimum length = 1

Maximum length = 128
mail_profile <String> Read-write Mail Profile name.
is_system <Boolean> Read-write Set to true when system generated and false for user configured rule.
rpt_sample_time <Double> Read-write Report Sample time..
max_value <Integer> Read-write Maximum length of the filed to be relaxed.
user_name <String> Read-write Field used to maintain the name of User who take an action that lead to this transaction record.
learning_mode <Integer> Read-write Learning mode to differentate between a rule to be pruned (2) or deployed (0 or 1).
value_type <String> Read-write Value type to be relaxed.

Maximum length = 512
value_expr <String> Read-write Value expression to be relaxed.

Maximum length = 512
is_deployed <Integer> Read-write Field refelecting status of rule i.e 0-ready to deploy,1-deployed,2-skipped,4-failed.
http_req_url <String> Read-write HTTP Request URL to be relaxed.

Maximum length = 2000
si_device_ip_address <String> Read-write Citrix ADC IP Address..

Minimum length = 1

Maximum length = 512
min_value <Integer> Read-write minimum length of the field to be relaxed.
regex <Integer> Read-write Regex number 1 is REGEX and 2 is NOTREGEX in bind appfw profile per security check.
servicenow_profile <String> Read-write servicenow Profile name.
profile_name <String> Read-write profile_name.

Maximum length = 32
adm_learn_profile_name <String> Read-write adm_learn_profile_name.

Minimum length = 1

Maximum length = 32
no_of_violations <Double> Read-write Number of violations.
comment <String> Read-write Comment to be added to a relaxation rule while deploying it.

Maximum length = 255
grace_period_expiry <Double> Read-write Number of seconds left to trigger autodeploy for relaxation of URL.
id <String> Read-only Id is system generated key..

Operations

(click to see Properties )

  • ADD
  • DELETE
  • GET (ALL)
  • UPDATE

Some options that you can use for each operations:

  • Getting warnings in response: NITRO allows you to get warnings in an operation by specifying the 'warning' query parameter as 'yes'. For example, to get warnings while connecting to the NetScaler appliance, the URL is as follows:

    http:// <netscaler-ip-address> /nitro/v1/config/login?warning=yes

    If any, the warnings are displayed in the response payload with the HTTP code '209 X-NITRO-WARNING'.

  • Authenticated access for individual NITRO operations: NITRO allows you to logon to the NetScaler appliance to perform individual operations. You can use this option instead of creating a NITRO session (using the login object) and then using that session to perform all operations,

    To do this, you must specify the username and password in the request header of the NITRO request as follows:

    X-NITRO-USER: <username>

    X-NITRO-PASS: <password>

    Note: In such cases, make sure that the request header DOES not include the following:

    Cookie:NITRO_AUTH_TOKEN= <tokenvalue>

Note: Mandatory parameters are marked in red and placeholder content is marked in green

The following parameters can be used in the nitro request : onerror <String_value>

Use this parameter to set the onerror status for nitro request. Applicable only for bulk requests.

Default value: EXIT

Possible values = EXIT, CONTINUE

add

URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules?onerror=<String_value> HTTPS Method: POST

Request Headers: Content-Type: application/json

X-NITRO-USER:username_value<String>

X-NITRO-PASS:password_value<String>

or

Cookie:NITRO_AUTH_TOKEN=token_value<String>

Request Payload:

{"af_waf_relaxation_rules": {
"mode":<Integer_value>,
"field_name":<String_value>,
"violation_id":<Integer_value>,
"violation_location":<Integer_value>,
"resourceid":<String_value>,
"is_system":<Boolean_value>,
"learning_mode":<Integer_value>,
"http_req_url":<String_value>,
"regex":<Integer_value>,
"is_auto_deploy":<Boolean_value>,
"count_value":<Integer_value>,
"rpt_sample_time":<Double_value>,
"si_device_ip_address":<String_value>,
"profile_name":<String_value>,
"field_type":<String_value>,
"sms_profile":<String_value>,
"no_of_violations":<Double_value>,
"slack_profile":<String_value>,
"ctnsappname":<String_value>,
"mail_profile":<String_value>,
"grace_period_expiry":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"value_type":<String_value>,
"is_deployed":<Integer_value>,
"value_expr":<String_value>,
"min_value":<Integer_value>,
"servicenow_profile":<String_value>,
"status":<Boolean_value>,
"grace_period":<Double_value>,
"comment":<String_value>,
"adm_learn_profile_name":<String_value>}}

Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error

Response Payload:

{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt, "af_waf_relaxation_rules":[{
"sms_profile":<String_value>,
"field_type":<String_value>,
"is_auto_deploy":<Boolean_value>,
"status":<Boolean_value>,
"mode":<Integer_value>,
"count_value":<Integer_value>,
"slack_profile":<String_value>,
"grace_period":<Double_value>,
"ctnsappname":<String_value>,
"violation_location":<Integer_value>,
"id":<String_value>,
"violation_id":<Integer_value>,
"field_name":<String_value>,
"resourceid":<String_value>,
"mail_profile":<String_value>,
"is_system":<Boolean_value>,
"rpt_sample_time":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"learning_mode":<Integer_value>,
"value_type":<String_value>,
"value_expr":<String_value>,
"is_deployed":<Integer_value>,
"http_req_url":<String_value>,
"si_device_ip_address":<String_value>,
"min_value":<Integer_value>,
"regex":<Integer_value>,
"servicenow_profile":<String_value>,
"profile_name":<String_value>,
"adm_learn_profile_name":<String_value>,
"no_of_violations":<Double_value>,
"comment":<String_value>,
"grace_period_expiry":<Double_value>}]}

delete

URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules/id_value<String> HTTPS Method: DELETE

Request Headers: X-NITRO-USER:username_value<String>

X-NITRO-PASS:password_value<String>

or

Cookie:NITRO_AUTH_TOKEN=token_value<String>

Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error

Response Payload:

{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt }

get (all)

URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules Query-parameters:

filter https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules ?filter=property-name1:property-value1,property-name2:property-value2 Use this query-parameter to get the filtered set of af_waf_relaxation_rules resources configured on the system. You can set a filter on any property of the resource.

pagesize=#no;pageno=#no https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules ?pagesize=#no;pageno=#no Use this query-parameter to get the af_waf_relaxation_rules resources in chunks.

count https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules ?count=yes Use this query-parameter to get the count of af_waf_relaxation_rules resources.

HTTPS Method: GET

Request Headers: Accept: application/json

X-NITRO-USER:username_value<String>

X-NITRO-PASS:password_value<String>

or

Cookie:NITRO_AUTH_TOKEN=token_value<String>

Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error

Response Headers:

Content-Type:application/json

Response Payload:

{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt, "af_waf_relaxation_rules":[{
"sms_profile":<String_value>,
"field_type":<String_value>,
"is_auto_deploy":<Boolean_value>,
"status":<Boolean_value>,
"mode":<Integer_value>,
"count_value":<Integer_value>,
"slack_profile":<String_value>,
"grace_period":<Double_value>,
"ctnsappname":<String_value>,
"violation_location":<Integer_value>,
"id":<String_value>,
"violation_id":<Integer_value>,
"field_name":<String_value>,
"resourceid":<String_value>,
"mail_profile":<String_value>,
"is_system":<Boolean_value>,
"rpt_sample_time":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"learning_mode":<Integer_value>,
"value_type":<String_value>,
"value_expr":<String_value>,
"is_deployed":<Integer_value>,
"http_req_url":<String_value>,
"si_device_ip_address":<String_value>,
"min_value":<Integer_value>,
"regex":<Integer_value>,
"servicenow_profile":<String_value>,
"profile_name":<String_value>,
"adm_learn_profile_name":<String_value>,
"no_of_violations":<Double_value>,
"comment":<String_value>,
"grace_period_expiry":<Double_value>}]}

update

URL: https://<MGMT-IP>/nitro/v2/config/af_waf_relaxation_rules/id_value<String> HTTPS Method: PUT

Request Headers: Content-Type: application/json

X-NITRO-USER:username_value<String>

X-NITRO-PASS:password_value<String>

or

Cookie:NITRO_AUTH_TOKEN=token_value<String>

Request Payload:

{"af_waf_relaxation_rules":{
"mode":<Integer_value>,
"field_name":<String_value>,
"violation_id":<Integer_value>,
"violation_location":<Integer_value>,
"resourceid":<String_value>,
"is_system":<Boolean_value>,
"learning_mode":<Integer_value>,
"http_req_url":<String_value>,
"regex":<Integer_value>,
"is_auto_deploy":<Boolean_value>,
"count_value":<Integer_value>,
"rpt_sample_time":<Double_value>,
"si_device_ip_address":<String_value>,
"profile_name":<String_value>,
"field_type":<String_value>,
"sms_profile":<String_value>,
"no_of_violations":<Double_value>,
"slack_profile":<String_value>,
"ctnsappname":<String_value>,
"mail_profile":<String_value>,
"grace_period_expiry":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"value_type":<String_value>,
"is_deployed":<Integer_value>,
"value_expr":<String_value>,
"min_value":<Integer_value>,
"servicenow_profile":<String_value>,
"status":<Boolean_value>,
"grace_period":<Double_value>,
"comment":<String_value>,
"adm_learn_profile_name":<String_value>}}

Response: HTTPS Status Code on Success: 200 OK HTTPS Status Code on Failure: 4xx (for general HTTPS errors) or 5xx (for NetScaler-MAS-specific errors). The response payload provides details of the error

Response Payload:

{ "errorcode": 0, "message": "Done", "severity": ;ltString_value;gt, "af_waf_relaxation_rules":[{
"sms_profile":<String_value>,
"field_type":<String_value>,
"is_auto_deploy":<Boolean_value>,
"status":<Boolean_value>,
"mode":<Integer_value>,
"count_value":<Integer_value>,
"slack_profile":<String_value>,
"grace_period":<Double_value>,
"ctnsappname":<String_value>,
"violation_location":<Integer_value>,
"id":<String_value>,
"violation_id":<Integer_value>,
"field_name":<String_value>,
"resourceid":<String_value>,
"mail_profile":<String_value>,
"is_system":<Boolean_value>,
"rpt_sample_time":<Double_value>,
"max_value":<Integer_value>,
"user_name":<String_value>,
"learning_mode":<Integer_value>,
"value_type":<String_value>,
"value_expr":<String_value>,
"is_deployed":<Integer_value>,
"http_req_url":<String_value>,
"si_device_ip_address":<String_value>,
"min_value":<Integer_value>,
"regex":<Integer_value>,
"servicenow_profile":<String_value>,
"profile_name":<String_value>,
"adm_learn_profile_name":<String_value>,
"no_of_violations":<Double_value>,
"comment":<String_value>,
"grace_period_expiry":<Double_value>}]}
Was this article helpful?