Product Documentation

policy expression

Sep 12, 2016

The following operations can be performed on "policy expression":

add | rm | set | unset | show

add policy expression

Creates a classic or default syntax named expression, which can be used in multiple policies. For example, you can create the following named expressions, ExpressionA and ExpressionB: ExpressionA: http.req.body(100).contains("A") ExpressionB: http.req.body(100).contains("B") You could then create an expression of the form: <ExpressionA || ExpressionB>

Synopsys

add policy expression <name> <value> [-comment <string>] [-clientSecurityMessage <string>]

Arguments

name

Unique name for the expression. Not case sensitive. Must begin with an ASCII letter or underscore (_) character, and must consist only of ASCII alphanumeric or underscore characters. Must not begin with 're' or 'xp' or be a word reserved for use as a default syntax expression qualifier prefix (such as HTTP) or enumeration value (such as ASCII). Must not be the name of an existing named expression, pattern set, dataset, stringmap, or HTTP callout.

value

Expression string. For example: http.req.body(100).contains("this").

comment

Any comments associated with the expression. Displayed upon viewing the policy expression.

clientSecurityMessage

Message to display if the expression fails. Allowed for classic end-point check expressions only.

rm policy expression

Removes a named policy expression. If the expression is used by a policy or filter, you must remove the policy or filter before removing the expression.

Synopsys

rm policy expression <name> ...

Arguments

name

Name of the policy expression to be removed.

set policy expression

Modifies the attributes of a named policy expression.

Synopsys

set policy expression <name> [<value>] [-comment <string>] [-clientSecurityMessage <string>]

Arguments

name

Name of the policy expression to be modified.

value

The expression string.

comment

Any comments associated with the expression. Displayed upon viewing the policy expression.

clientSecurityMessage

The client security message that will be displayed on failure of this expression. Only relevant for end point check expressions.

unset policy expression

Use this command to remove policy expression settings.Refer to the set policy expression command for meanings of the arguments.

Synopsys

unset policy expression <name> [-comment] [-clientSecurityMessage]

show policy expression

Displays information about the available named policy expressions.

Synopsys

show policy expression [<name> | -type ( CLASSIC | ADVANCED )]

Arguments

name

Name of the policy expression to display. If a name is not provided, information about all policy expressions is shown.

type

Type of expression. Can be a classic or default syntax (advanced) expression.

Possible values: CLASSIC, ADVANCED

Outputs

value

The expression string.

hits

The total number of hits.

piHits

The total number of hits.

type

The type of expression. This is for output only.

clientSecurityMessage

The client security message that will be displayed on failure of the client security check.

description

Description for the expression.

comment

Any comments associated with the expression. Displayed upon viewing the policy expression.

stateflag

flag

isDefault

A value of true is returned if it is a default policy expression.

builtin

Indicates that a variable is a built-in (SYSTEM INTERNAL) type.

devno

count