aiwaf-add-user-defined-rule
Add a user defined pattern rule to AIWAF device.
aiwaf-add-user-defined-rule profile=PROFILE name=NAME [severity=SEVERITY] [action=detect|block] [description=DESCRIPTION] [is-log-enabled=t|f] [is-mail-enabled=t|f] [include-src-addrs=INCLUDE-SRC-ADDRS] [exclude-src-addrs=EXCLUDE-SRC-ADDRS] [include-urls=INCLUDE-URLS] [exclude-urls=EXCLUDE-URLS] [use-method=t|f] [method-regex=METHOD-REGEX] [use-path=t|f] [path-regex=PATH-REGEX] [path-min-len=INT] [path-case-sensitive=t|f] [use-user-agent=t|f] [user-agent-regex=USER-AGENT-REGEX] [user-agent-min-len=INT] [user-agent-case-sensitive=t|f] [use-header=t|f] [header-regex=HEADER-REGEX] [header-min-len=INT] [header-case-sensitive=t|f] [use-cookie=t|f] [cookie-regex=COOKIE-REGEX] [cookie-min-len=INT] [cookie-case-sensitive=t|f] [use-param=t|f] [param-regex=PARAM-REGEX] [param-min-len=INT] [param-max-len=INT] [param-case-sensitive=t|f] [use-query=t|f] [query-regex=QUERY-REGEX] [query-min-len=INT] [query-max-len=INT] [query-case-sensitive=t|f] [use-file-name=t|f] [file-name-regex=FILE-NAME-REGEX] [file-name-min-len=INT] [file-name-case-sensitive=t|f] [use-file-content=t|f] [file-content-regex=FILE-CONTENT-REGEX] [file-content-min-len=INT] [file-content-max-len=INT] [file-content-case-sensitive=t|f]
- profile=PROFILE
- Connect profile code of AIWAF device.
- name=NAME
- User-defined rule name
- severity=SEVERITY
- Risk level. e.g. low , medium, high or critical. medium by default.
- action=ACTION
- e.g. BLOCK or DETECT. BLOCK by default.
- description=DESCRIPTION
- User-defined rule description.
- is-log-enabled=IS-LOG-ENABLED
- Whether to create logs. e.g. t or f. t by default.
- is-mail-enabled=IS-MAIL-ENABLED
- Whether to send mail. e.g. t or f. f by default.
- include-src-addrs=INCLUDE-SRC-ADDRS
- Client IPs. Format is single or range. Can enter multiple IPs or IP ranges separated by commas. e.g. 192.168.1.2,10.0.0.3-10.0.0.5
- exclude-src-addrs=EXCLUDE-SRC-ADDRS
- Except IPs. Format is single or range. Can enter multiple IPs or IP ranges separated by commas. e.g. 192.168.1.2,10.0.0.3-10.0.0.5
- include-urls=INCLUDE-URLS
- Server URL patterns to apply.
- exclude-urls=EXCLUDE-URLS
- Server URL patterns to except.
- use-method=BOOL
- t or f. f by default.
- method-regex=METHOD-REGEX
- HTTP method pattern.
- use-path=BOOL
- t or f. f by default.
- path-regex=PATH-REGEX
- URL path pattern.
- path-min-len=INT
- URL path pattern min length. Check number format
- path-case-sensitive=BOOL
- URL path pattern case sensitive. t or f. f by default.
- use-user-agent=BOOL
- t or f. f by default.
- user-agent-regex=USER-AGENT-REGEX
- User agent pattern.
- user-agent-min-len=BOOL
- User agent pattern min length. Check number format
- user-agent-case-sensitive=BOOL
- User agent pattern case sensitive. t or f. f by default.
- use-header=BOOL
- t or f. f by default.
- header-regex=HEADER-REGEX
- HTTP header pattern.
- header-min-len=INT
- HTTP header pattern min length. Check number format
- header-case-sensitive=BOOL
- HTTP header pattern case sensitive. t or f. f by default.
- use-cookie=BOOL
- t or f. f by default.
- cookie-regex=COOKIE-REGEX
- Cookie pattern.
- cookie-min-len=INT
- Cookie pattern min length. Check number format
- cookie-case-sensitive=BOOL
- Cookie pattern case sensitive. t or f. f by default.
- use-param=BOOL
- t or f. f by default.
- param-regex=PARAM-REGEX
- Query payload pattern.
- param-min-len=INT
- Query payload key-value pattern min length. Check number format
- param-max-len=INT
- Query payload key-value pattern max length. Check number format
- param-case-sensitive=BOOL
- Query payload key-value pattern case sensitive. t or f. f by default.
- use-query=BOOL
- t or f. f by default.
- query-regex=QUERY-REGEX
- Query payload all pattern.
- query-min-len=INT
- Query payload all pattern min length. Check number format
- query-max-len=INT
- Query payload all pattern max length. Check number format
- query-case-sensitive=BOOL
- Query payload all pattern case sensitive. t or f. f by default.
- use-file-name=BOOL
- t or f. f by default.
- file-name-regex=FILE-NAME-REGEX
- Upload filename pattern.
- file-name-min-len=INT
- Upload filename pattern min length. Check number format
- file-name-case-sensitive=BOOL
- Upload filename pattern case sensitive. t or f. f by default.
- use-file-content=BOOL
- t or f. f by default.
- file-content-regex=FILE-CONTENT-REGEX
- Upload file content pattern.
- file-content-min-len=INT
- Upload file content pattern min length. Check number format
- file-content-max-len=INT
- Upload file content pattern max length. Check number format
- file-content-case-sensitive=BOOL
- Upload file content pattern case sensitive. t or f. f by default.
Output Fields
| Field | Type | Name | Description |
|---|---|---|---|
| profile | String | Connect profile | Connect profile code of AIWAF device |
| id | Integer | Rule ID | Added user-defined pattern rule ID |