Product Documentation

appfw

Sep 12, 2016

The following operations can be performed on "appfw":

stat appfw

Displays application firewall statistics.

Synopsys

stat appfw [-detail] [-fullValues] [-ntimes <positive_integer>] [-logFile <input_filename>] [-clearstats ( basic | full )]

Arguments

detail

Specifies detailed output (including more statistics). The output can be quite voluminous. Without this argument, the output will show only a summary.

fullValues

Specifies that numbers and strings should be displayed in their full form. Without this option, long strings are shortened and large numbers are abbreviated

ntimes

The number of times, in intervals of seven seconds, the statistics should be displayed.

Default value: 1

Minimum value: 0

logFile

The name of the log file to be used as input.

clearstats

Clear the statsistics / counters

Possible values: basic, full

Outputs

total log messages (totlogs)

Total number of security check log messages generated by the Application Firewall.

total violations (totviols)

Total number of security check violations seen by the Application Firewall.

Recent Ave Response Time (ms) (shortAvgRespTime)

Average backend response time in milliseconds over the last 7 seconds

Long Term Ave Response Time (ms) (longAvgRespTime)

Average backend response time in milliseconds since reboot

requests (reqs)

HTTP/HTTPS requests sent to your protected web servers via the Application Firewall.

Request Bytes (reqBytes)

Number of bytes transfered for requests

responses (resps)

HTTP/HTTPS responses sent by your protected web servers via the Application Firewall.

Response Bytes (resBytes)

Number of bytes transfered for responses

aborts

Incomplete HTTP/HTTPS requests aborted by the client before the Application Firewall could finish processing them.

redirects (redirect)

HTTP/HTTPS requests redirected by the Application Firewall to a different Web page or web server. (HTTP 302)

Traps Dropped (trapsDr)

AppFirewall SNMP traps dropped due to time limit.

start URL (startURL)

Number of Start URL security check violations seen by the Application Firewall.

deny URL (denyURL)

Number of Deny URL security check violations seen by the Application Firewall.

referer header (refererHdr)

Number of Referer Header security check violations seen by the Application Firewall.

buffer overflow (bufovfl)

Number of Buffer Overflow security check violations seen by the Application Firewall.

cookie consistency (cookie)

Number of Cookie Consistency security check violations seen by the Application Firewall.

CSRF form tag (csrf_tag)

Number of Cross Site Request Forgery form tag security check violations seen by the Application Firewall.

HTML Cross-site scripting (xss)

Number of HTML Cross-Site Scripting security check violations seen by the Application Firewall.

HTML SQL injection (sql)

Number of HTML SQL Injection security check violations seen by the Application Firewall.

field format (fieldfmt)

Number of Field Format security check violations seen by the Application Firewall.

field consistency (fieldcon)

Number of Field Consistency security check violations seen by the Application Firewall.

credit card (ccard)

Number of Credit Card security check violations seen by the Application Firewall.

safe object (safeobj)

Number of Safe Object security check violations seen by the Application Firewall.

Signature Violations (sigs)

Number of Signature violations seen by the Application Firewall.

content Type (contentType)

Number of Content type security check violations seen by the Application Firewall.

XML Format (wfcViolations)

Number of XML Format security check violations seen by the Application Firewall.

XML Denial of Service (XDoS) (xdosViolations)

Number of XML Denial-of-Service security check violations seen by the Application Firewall.

XML Message Validation (msgvalViolations)

Number of XML Message Validation security check violations seen by the Application Firewall.

Web Services Interoperability (wsIViolations)

Number of Web Services Interoperability (WS-I) security check violations seen by the Application Firewall.

XML SQL Injection (xmlSqlViolations)

Number of XML SQL Injection security check violations seen by the Application Firewall.

XML Cross-Site Scripting (xmlXssViolations)

Number of XML Cross-Site Scripting (XSS) security check violations seen by the Application Firewall.

XML Attachment (xmlAttachmentViolations)

Number of XML Attachment security check violations seen by the Application Firewall.

SOAP Fault Violations (soapflt)

Number of requests returning soap:fault from the backend server

XML Generic Violations (genflt)

Number of requests returning XML generic error from the backend server

start URL logs (startURLLog)

Number of Start URL security check log messages generated by the Application Firewall.

deny URL logs (denyURLLog)

Number of Deny URL security check log messages generated by the Application Firewall.

referer header logs (refererHdrLog)

Number of Referer Header security check log messages generated by the Application Firewall.

buffer overflow logs (bufovflLog)

Number of Buffer Overflow security check log messages generated by the Application Firewall.

cookie consistency logs (cookieLog)

Number of Cookie Consistency security check log messages generated by the Application Firewall.

CSRF form tag logs (csrf_tagLog)

Number of Cross Site Request Forgery form tag security check log messages generated by the Application Firewall.

HTML XSS logs (xssLog)

Number of HTML Cross-Site Scripting security check log messages generated by the Application Firewall.

HTML XSS transform logs (xssXformLog)

Number of HTML Cross-Site Scripting security check transform log messages generated by the Application Firewall.

HTML SQL logs (sqlLog)

Number of HTML SQL Injection security check log messages generated by the Application Firewall.

HTML SQL transform logs (sqlXformLog)

Number of HTML SQL Injection security check transform log messages generated by the Application Firewall.

field format logs (fieldfmtLog)

Number of Field Format security check log messages generated by the Application Firewall.

field consistency (fieldconLog)

Number of Field Consistency security check log messages generated by the Application Firewall.

credit cards (ccardLog)

Number of Credit Card security check log messages generated by the Application Firewall.

safe object logs (safeobjLog)

Number of Safe Object security check log messages generated by the Application Firewall.

Signature logs (sigsLog)

Number of Signature logs generated by the Application Firewall.

content Type logs (contentTypeLog)

Number of content type security check log messages generated by the Application Firewall.

XML Format logs (wfcLogs)

Number of XML Format security check log messages generated by the Application Firewall.

XML Denial of Service (XDoS) log messages (xdosLogs)

Number of XML Denial-of-Service security check log messages generated by the Application Firewall.

XML Message Validation logs (msgvalLogs)

Number of XML Message Validation security check log messages generated by the Application Firewall.

WSI logs (wsILogs)

Number of Web Services Interoperability (WS-I) security check log messages generated by the Application Firewall.

XML SQL Injection logs (xmlSqlLogs)

Number of XML SQL Injection security check log messages generated by the Application Firewall.

XML XSS logs (xmlXssLogs)

Number of XML Cross-Site Scripting (XSS) security check log messages generated by the Application Firewall.

XML Attachment logs (xmlAttachmentLogs)

Number of XML Attachment security check log messages generated by the Application Firewall.

SOAP Fault logs (soapfltLog)

Number of requests generating soap:fault log messages

XML Generic logs (genfltLog)

Number of requests generating XML generic error log messages

HTTP Client Errors (4xx Resp) (4xxResps)

Number of requests returning HTTP 4xx from the backend server

HTTP Server Errors (5xx Resp) (5xxResps)

Number of requests returning HTTP 5xx from the backend server

credit card log transform messages (ccardXformLog)

Number of Credit Card security check transform log messages generated by the Application Firewall.