Product Documentation

appfw learningdata

Sep 12, 2016

The following operations can be performed on "appfw learningdata":

rm appfw learningdata

Removes unreviewed application firewall learning data for the specified application firewall profile.

Synopsys

rm appfw learningdata <profileName> (-startURL <expression> | -cookieConsistency <string> | (-fieldConsistency <string> <formActionURL>) | -contentType <string> | (-crossSiteScripting <string> <formActionURL> [<location>] [<valueType> <valueExpression>]) | (-SQLInjection <string> <formActionURL> [<location>] [<valueType> <valueExpression>]) | (-fieldFormat <string> <formActionURL>) | (-CSRFTag <expression> <CSRFFormOriginURL>) | (-CreditCardNumber <expression> <CreditCardNumberUrl>) | -XMLDoSCheck <expression> | -XMLWSICheck <expression> | -XMLAttachmentCheck <expression>) [-TotalXMLRequests]

Arguments

profileName

Name of the profile.

startURL

Start URL configuration.

cookieConsistency

Cookie Name.

fieldConsistency

Form field name.

formActionURL

Form action URL.

contentType

Content Type Name.

crossSiteScripting

Cross-site scripting.

location

Location of sql injection exception - form field, header or cookie.

Possible values: FORMFIELD, HEADER, COOKIE

valueType

SQL value type. Keyword, SpecialString or Wildchar

Possible values: Keyword, SpecialString, Wildchar

valueExpression

SQL value expressions consistituting expressions for Keyword, SpecialString or Wildchar.

SQLInjection

Form field name.

fieldFormat

Field format name.

CSRFTag

CSRF Form Action URL

CSRFFormOriginURL

CSRF Form Origin URL.

CreditCardNumber

The object expression that is to be excluded from safe commerce check.

CreditCardNumberUrl

The url for which the list of credit card numbers are needed to be bypassed from inspection

XMLDoSCheck

XML Denial of Service check, one of

MaxAttributes

MaxAttributeNameLength

MaxAttributeValueLength

MaxElementNameLength

MaxFileSize

MinFileSize

MaxCDATALength

MaxElements

MaxElementDepth

MaxElementChildren

NumDTDs

NumProcessingInstructions

NumExternalEntities

MaxEntityExpansions

MaxEntityExpansionDepth

MaxNamespaces

MaxNamespaceUriLength

MaxSOAPArraySize

MaxSOAPArrayRank

XMLWSICheck

Web Services Interoperability Rule ID.

XMLAttachmentCheck

XML Attachment Content-Type.

TotalXMLRequests

Total XML requests.

show appfw learningdata

Displays the unreviewed application firewall learning data for the specified profile and security check.

Synopsys

show appfw learningdata <profileName> <securityCheck>

Arguments

profileName

Name of the profile.

securityCheck

Name of the security check.

Possible values: startURL, cookieConsistency, fieldConsistency, crossSiteScripting, SQLInjection, fieldFormat, CSRFtag, XMLDoSCheck, XMLWSICheck, XMLAttachmentCheck, TotalXMLRequests, creditCardNumber, ContentType

Outputs

url

Learnt url

name

Learnt field name

fieldType

Learnt field type

fieldFormatMinLength

The minimum allowed length for data in this form field.

fieldFormatMaxLength

The maximum allowed length for data in this form field.

fieldFormatCharMapPCRE

Form field value allowed character map.

valueType

Learnt field value type

value

Learnt field value

hits

Learnt entity hit count

data

Learned data.

devno

count

stateflag

reset appfw learningdata

Remove all databases. Make transaction count zero

Synopsys

reset appfw learningdata

export appfw learningdata

Export appfw learnt data in csv format to the location /var/learnt_data/

Synopsys

export appfw learningdata <profileName> <securityCheck> [-target <string>]

Arguments

profileName

Name of the profile.

securityCheck

Name of the security check.

Possible values: startURL, cookieConsistency, fieldConsistency, crossSiteScripting, SQLInjection, fieldFormat, CSRFtag, XMLDoSCheck, XMLWSICheck, XMLAttachmentCheck, TotalXMLRequests, creditCardNumber, ContentType

target

Target filename for data to be exported.