appfw learningdata¶
The following operations can be performed on "appfw learningdata":
rm appfw learningdata¶
Removes unreviewed application firewall learning data for the specified application firewall profile.
Synopsys¶
rm appfw learningdata <profileName> (-startURL <expression> | -cookieConsistency <string> | (-fieldConsistency <string> <formActionURL>) | -contentType <string> | (-crossSiteScripting <string> <formActionURL> [<location>] [<valueType> <valueExpression>]) | (-SQLInjection <string> <formActionURL> [<location>] [<valueType> <valueExpression>]) | (-fieldFormat <string> <formActionURL>) | (-CSRFTag <expression> <CSRFFormOriginURL>) | (-CreditCardNumber <expression> <CreditCardNumberUrl>) | -XMLDoSCheck <expression> | -XMLWSICheck <expression> | -XMLAttachmentCheck <expression>) [-TotalXMLRequests]
Arguments¶
profileName
Name of the profile.
startURL
Start URL configuration.
cookieConsistency
Cookie Name.
fieldConsistency
Form field name.
formActionURL
Form action URL.
contentType
Content Type Name.
crossSiteScripting
Cross-site scripting.
location
Location of sql injection exception - form field, header or cookie.
Possible values: FORMFIELD, HEADER, COOKIE
valueType
SQL value type. Keyword, SpecialString or Wildchar
Possible values: Keyword, SpecialString, Wildchar
valueExpression
SQL value expressions consistituting expressions for Keyword, SpecialString or Wildchar.
SQLInjection
Form field name.
fieldFormat
Field format name.
CSRFTag
CSRF Form Action URL
CSRFFormOriginURL
CSRF Form Origin URL.
CreditCardNumber
The object expression that is to be excluded from safe commerce check.
CreditCardNumberUrl
The url for which the list of credit card numbers are needed to be bypassed from inspection
XMLDoSCheck
XML Denial of Service check, one of
MaxAttributes
MaxAttributeNameLength
MaxAttributeValueLength
MaxElementNameLength
MaxFileSize
MinFileSize
MaxCDATALength
MaxElements
MaxElementDepth
MaxElementChildren
NumDTDs
NumProcessingInstructions
NumExternalEntities
MaxEntityExpansions
MaxEntityExpansionDepth
MaxNamespaces
MaxNamespaceUriLength
MaxSOAPArraySize
MaxSOAPArrayRank
XMLWSICheck
Web Services Interoperability Rule ID.
XMLAttachmentCheck
XML Attachment Content-Type.
TotalXMLRequests
Total XML requests.
show appfw learningdata¶
Displays the unreviewed application firewall learning data for the specified profile and security check.
Synopsys¶
show appfw learningdata <profileName> <securityCheck>
Arguments¶
profileName
Name of the profile.
securityCheck
Name of the security check.
Possible values: startURL, cookieConsistency, fieldConsistency, crossSiteScripting, SQLInjection, fieldFormat, CSRFtag, XMLDoSCheck, XMLWSICheck, XMLAttachmentCheck, TotalXMLRequests, creditCardNumber, ContentType
Outputs¶
url
Learnt url
name
Learnt field name
fieldType
Learnt field type
fieldFormatMinLength
The minimum allowed length for data in this form field.
fieldFormatMaxLength
The maximum allowed length for data in this form field.
fieldFormatCharMapPCRE
Form field value allowed character map.
valueType
Learnt field value type
value
Learnt field value
hits
Learnt entity hit count
data
Learned data.
devno
count
stateflag
reset appfw learningdata¶
Remove all databases. Make transaction count zero
Synopsys¶
reset appfw learningdata
export appfw learningdata¶
Export appfw learnt data in csv format to the location /var/learnt_data/
Synopsys¶
export appfw learningdata <profileName> <securityCheck> [-target <string>]
Arguments¶
profileName
Name of the profile.
securityCheck
Name of the security check.
Possible values: startURL, cookieConsistency, fieldConsistency, crossSiteScripting, SQLInjection, fieldFormat, CSRFtag, XMLDoSCheck, XMLWSICheck, XMLAttachmentCheck, TotalXMLRequests, creditCardNumber, ContentType
target
Target filename for data to be exported.