waf global¶
WAF global stats
global Specification¶
Type Configuration Resource Element Name global Element URI /axapi/v3/waf/global Element Attributes global_attributes Statistics Data URI /axapi/v3/waf/global/stats Schema global schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/waf/global | ||
Get Object | GET | /axapi/v3/waf/global | ||
Modify Object | POST | /axapi/v3/waf/global | ||
Replace Object | PUT | /axapi/v3/waf/global | ||
Delete Object | DELETE | /axapi/v3/waf/global | ||
global attributes¶
sampling-enable
Type: Listuuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
sampling-enable¶
Specification Type list Block object keys counters1
Description ‘all’: all; ‘total_req’: Total Requests; ‘req_allowed’: Requests Allowed; ‘req_denied’: Requests Denied; ‘resp_denied’: Responses Denied; ‘brute_force_success’: Brute-Force checks passed; ‘brute_force_violation’: Brute-Force checks violation; ‘brute_force_challenge_cookie_sent’: Cookie Challenge Sent; ‘brute_force_challenge_cookie_success’: Cookie Vhallenge check passed; ‘brute_force_challenge_cookie_violation’: Cookie challenge violation; ‘brute_force_challenge_javascript_sent’: JavaScript challenge sent; ‘brute_force_challenge_javascript_success’: JavaScript challenge check passed; ‘brute_force_challenge_javascript_violation’: JavaScript challenge violation; ‘brute_force_challenge_captcha_sent’: Captcha challenge sent; ‘brute_force_challenge_captcha_success’: Captcha challenge check passed; ‘brute_force_challenge_captcha_violation’: Captcha challenge violation; ‘brute_force_lockout_limit_success’: Lockout limit check passed; ‘brute_force_lockout_limit_violation’: Lockout limit violation; ‘brute_force_challenge_limit_success’: Lockout limit check passed; ‘brute_force_challenge_limit_violation’: Lockout limit violation; ‘brute_force_response_codes_triggered’: Response Codes Triggered; ‘brute_force_response_headers_triggered’: Brute Force Response Headers Triggered; ‘brute_force_response_string_triggered’: Brute Force Response string Triggered; ‘cookie_security_encrypt_success’: Cookie Security - encrypt successful; ‘cookie_security_encrypt_violation’: Cookie Security - encrypt violation; ‘cookie_security_encrypt_limit_exceeded’: Cookie Security - encrypt limit exceeded; ‘cookie_security_encrypt_skip_rcache’: Cookie Security - encrypt skipped - RAM cache; ‘cookie_security_decrypt_success’: Cookie Security - decrypt successful; ‘cookie_security_decrypt_violation’: Cookie Security - decrypt violation; ‘cookie_security_sign_success’: Cookie Security - signing successful; ‘cookie_security_sign_violation’: Cookie Security - signing violation; ‘cookie_security_sign_limit_exceeded’: Cookie Security - signing limit exceeded; ‘cookie_security_sign_skip_rcache’: Cookie Security - signing skipped - RAM cache; ‘cookie_security_signature_check_success’: Cookie Security - signature check successful; ‘cookie_security_signature_check_violation’: Cookie Security - signature check failed; ‘cookie_security_add_http_only_success’: Cookie Security - http-only flag added successfully; ‘cookie_security_add_http_only_violation’: Cookie Security - http-only flag violation; ‘cookie_security_add_secure_success’: Cookie Security - secure flag added successfully; ‘cookie_security_add_secure_violation’: Cookie Security - secure flag violation; ‘cookie_security_missing_cookie_success’: Cookie Security - request with missing cookie; ‘cookie_security_missing_cookie_violation’: Cookie Security - missing cookie violation; ‘cookie_security_unrecognized_cookie_success’: Cookie Security - request with unrecognised cookie; ‘cookie_security_unrecognized_cookie_violation’: Cookie Security - unrecognized cookie violation; ‘cookie_security_cookie_policy_success’: Cookie Security - cookie policy passed; ‘cookie_security_cookie_policy_violation’: Cookie Security - cookie policy violation; ‘cookie_security_persistent_cookies’: Cookie Security - persistent cookies; ‘cookie_security_persistent_cookies_encrypted’: Cookie Security - encrypted persistent cookies; ‘cookie_security_persistent_cookies_signed’: Cookie Security - signed persistent cookies; ‘cookie_security_session_cookies’: Cookie Security - session cookies; ‘cookie_security_session_cookies_encrypted’: Cookie Security - encrypted session cookies; ‘cookie_security_session_cookies_signed’: Cookie Security - signed session cookies; ‘cookie_security_allowed_session_cookies’: Cookie Security - allowed session cookies; ‘cookie_security_allowed_persistent_cookies’: Cookie Security - allowed persistent cookies; ‘cookie_security_disallowed_session_cookies’: Cookie Security - disallowed session cookies; ‘cookie_security_disallowed_persistent_cookies’: Cookie Security - disallowed persistent cookies; ‘cookie_security_allowed_session_set_cookies’: Cookie Security - allowed session Set-Cookies; ‘cookie_security_allowed_persistent_set_cookies’: Cookie Security - allowed persistent Set-Cookies; ‘cookie_security_disallowed_session_set_cookies’: Cookie Security - disallowed session Set-Cookies; ‘cookie_security_disallowed_persistent_set_cookies’: Cookie Security - disallowed persistent Set-Cookies; ‘csp_header_violation’: CSP header_missing; ‘csp_header_success’: CSP header found; ‘csp_header_inserted’: CSP header Inserted; ‘form_csrf_tag_success’: Form CSRF tag passed; ‘form_csrf_tag_violation’: Form CSRF tag violation; ‘form_consistency_success’: Form Consistency passed; ‘form_consistency_violation’: Form Consistency violation; ‘form_tag_inserted’: Form A10 Tag Inserted; ‘form_non_ssl_success’: Form Non SSL check passed; ‘form_non_ssl_violation’: Form Non SSL violation; ‘form_request_non_post_success’: Form Method being Non Post in Request passed; ‘form_request_non_post_violation’: Form Method being Non Post in Request violation; ‘form_check_success’: Post Form Check passed; ‘form_check_violation’: Post Form Check violation; ‘form_check_sanitize’: Post Form Check Sanitized; ‘form_non_masked_password_success’: Form Non Masked Password check passed; ‘form_non_masked_password_violation’: Form Non Masked Password violation; ‘form_non_ssl_password_success’: Form Non SSL Password check passed; ‘form_non_ssl_password_violation’: Form Non SSL Password violation; ‘form_password_autocomplete_success’: Form Password Autocomplete check passed; ‘form_password_autocomplete_violation’: Form Password Autocomplete violation; ‘form_set_no_cache_success’: Form Set No Cache check passed; ‘form_set_no_cache’: Form Set No Cache violation; ‘dlp_ccn_success’: Credit Card Number check passed; ‘dlp_ccn_amex_violation’: Amex Credit Card Number Detected; ‘dlp_ccn_amex_masked’: Amex Credit Card Number Masked; ‘dlp_ccn_diners_violation’: Diners Club Credit Card Number Detected; ‘dlp_ccn_diners_masked’: Diners Club Credit Card Number Masked; ‘dlp_ccn_visa_violation’: Visa Credit Card Number Detected; ‘dlp_ccn_visa_masked’: Visa Credit Card Number Masked; ‘dlp_ccn_mastercard_violation’: MasterCard Credit Card Number Detected; ‘dlp_ccn_mastercard_masked’: MasterCard Credit Card Number Masked; ‘dlp_ccn_discover_violation’: Discover Credit Card Number Detected; ‘dlp_ccn_discover_masked’: Discover Credit Card Number Masked; ‘dlp_ccn_jcb_violation’: JCB Credit Card Number Detected; ‘dlp_ccn_jcb_masked’: JCB Credit Card Number Masked; ‘dlp_ssn_success’: Social Security Number Mask check passed; ‘dlp_ssn_violation’: Social Security Number Mask violation; ‘dlp_pcre_success’: PCRE Mask check passed; ‘dlp_pcre_violation’: PCRE Mask violation; ‘dlp_pcre_masked’: PCRE Mask violation; ‘evasion_check_apache_whitespace_success’: Apache Whitespace check passed; ‘evasion_check_apache_whitespace_violation’: Apache Whitespace check violation; ‘evasion_check_decode_entities_success’: Decode Entities check passed; ‘evasion_check_decode_entities_violation’: Decode Entities check violation; ‘evasion_check_decode_escaped_chars_success’: Decode Escaped Chars check passed; ‘evasion_check_decode_escaped_chars_violation’: Decode Escaped Chars check Failre; ‘evasion_check_decode_unicode_chars_success’: Decode Unicode Chars check passed; ‘evasion_check_decode_unicode_chars_violation’: Decode Unicode Chars check violation; ‘evasion_check_dir_traversal_success’: Dir traversal check passed; ‘evasion_check_dir_traversal_violation’: Dir traversal check violation;
Type: string
Supported Values: all, total_req, req_allowed, req_denied, bot_check_succ, bot_check_fail, form_consistency_succ, form_consistency_fail, form_csrf_tag_succ, form_csrf_tag_fail, url_check_succ, url_check_fail, url_check_learn, buf_ovf_url_len_fail, buf_ovf_cookie_len_fail, buf_ovf_hdrs_len_fail, buf_ovf_post_size_fail, max_cookies_fail, max_hdrs_fail, http_method_check_succ, http_method_check_fail, http_check_succ, http_check_fail, referer_check_succ, referer_check_fail, referer_check_redirect, uri_wlist_succ, uri_wlist_fail, uri_blist_succ, uri_blist_fail, post_form_check_succ, post_form_check_sanitize, post_form_check_reject, ccn_mask_amex, ccn_mask_diners, ccn_mask_visa, ccn_mask_mastercard, ccn_mask_discover, ccn_mask_jcb, ssn_mask, pcre_mask, cookie_encrypt_succ, cookie_encrypt_fail, cookie_encrypt_limit_exceeded, cookie_encrypt_skip_rcache, cookie_decrypt_succ, cookie_decrypt_fail, sqlia_chk_url_succ, sqlia_chk_url_sanitize, sqlia_chk_url_reject, sqlia_chk_post_succ, sqlia_chk_post_sanitize, sqlia_chk_post_reject, xss_chk_cookie_succ, xss_chk_cookie_sanitize, xss_chk_cookie_reject, xss_chk_url_succ, xss_chk_url_sanitize, xss_chk_url_reject, xss_chk_post_succ, xss_chk_post_sanitize, xss_chk_post_reject, resp_code_hidden, resp_hdrs_filtered, learn_updates, num_drops, num_resets, form_non_ssl_reject, form_non_post_reject, sess_check_none, sess_check_succ, sess_check_fail, soap_check_succ, soap_check_failure, wsdl_fail, wsdl_succ, xml_schema_fail, xml_schema_succ, xml_sqlia_chk_fail, xml_sqlia_chk_succ, xml_xss_chk_fail, xml_xss_chk_succ, json_check_failure, json_check_succ, xml_check_failure, xml_check_succ, buf_ovf_cookie_value_len_fail, buf_ovf_cookies_len_fail, buf_ovf_hdr_name_len_fail, buf_ovf_hdr_value_len_fail, buf_ovf_max_data_parse_fail, buf_ovf_line_len_fail, buf_ovf_parameter_name_len_fail, buf_ovf_parameter_value_len_fail, buf_ovf_parameter_total_len_fail, buf_ovf_query_len_fail, max_entities_fail, max_parameters_fail, buf_ovf_cookie_name_len_fail, xml_limit_attr, xml_limit_attr_name_len, xml_limit_attr_value_len, xml_limit_cdata_len, xml_limit_elem, xml_limit_elem_child, xml_limit_elem_depth, xml_limit_elem_name_len, xml_limit_entity_exp, xml_limit_entity_exp_depth, xml_limit_namespace, xml_limit_namespace_uri_len, json_limit_array_value_count, json_limit_depth, json_limit_object_member_count, json_limit_string, form_non_masked_password, form_non_ssl_password, form_password_autocomplete, redirect_wlist_succ, redirect_wlist_fail, redirect_wlist_learn, form_set_no_cache, resp_denied, sessions_alloc, sessions_freed, out_of_sessions, too_many_sessions, called, permitted, brute_force_success, brute_force_fail, challenge_cookie_sent, challenge_javascript_sent, challenge_captcha_sent
stats data¶
| Counter | Size | Description | |
|---|---|---|---|
| redirect_wlist_fail | 8 | Redirect Whitelist Failure | |
| cookie_encrypt_limit_exceeded | 8 | Cookie Encrypt Limit Exceeded | |
| wsdl_succ | 8 | WSDL Success | |
| sqlia_chk_url_succ | 8 | SQLIA Check URL Success | |
| bot_check_succ | 8 | Botnet Check Success | |
| sessions_alloc | 8 | Sessions allocated | |
| buf_ovf_cookie_name_len_fail | 8 | Buffer Overflow - Cookie Name Length Failure | |
| redirect_wlist_learn | 8 | Redirect Whitelist Learn | |
| xml_limit_elem_child | 8 | XML Limit Element Child | |
| buf_ovf_parameter_value_len_fail | 8 | Buffer Overflow - HTML Parameter Value Length Failure | |
| ccn_mask_visa | 8 | Credit Card Number Mask Visa | |
| xss_chk_cookie_succ | 8 | XSS Check Cookie Success | |
| buf_ovf_cookies_len_fail | 8 | Buffer Overflow - Cookies Length Failure | |
| redirect_wlist_succ | 8 | Redirect Whitelist Success | |
| json_check_failure | 8 | JSON Check Failure | |
| xss_chk_post_reject | 8 | XSS Check Post Rejected | |
| xss_chk_url_reject | 8 | XSS Check URL Rejected | |
| form_consistency_succ | 8 | Form Consistency Success | |
| xml_limit_cdata_len | 8 | XML Limit CData Length | |
| xml_check_failure | 8 | XML Check Failure | |
| num_resets | 8 | Number Resets | |
| referer_check_succ | 8 | Referer Check Success | |
| sqlia_chk_post_succ | 8 | SQLIA Check Post Success | |
| xss_chk_url_sanitize | 8 | XSS Check URL Sanitized | |
| cookie_encrypt_succ | 8 | Cookie Encrypt Success | |
| buf_ovf_parameter_total_len_fail | 8 | Buffer Overflow - HTML Parameter Total Length Failure | |
| soap_check_succ | 8 | Soap Check Success | |
| sessions_freed | 8 | Sessions freed | |
| max_cookies_fail | 8 | Max Cookies Failure | |
| json_limit_array_value_count | 8 | JSON Limit Array Value Count | |
| xml_limit_entity_exp_depth | 8 | XML Limit Entity Exp Depth | |
| json_check_succ | 8 | JSON Check Success | |
| resp_code_hidden | 8 | Response Code Hidden | |
| xml_sqlia_chk_fail | 8 | XML Sqlia Check Failure | |
| xss_chk_post_succ | 8 | XSS Check Post Success | |
| form_consistency_fail | 8 | Form Consistency Failure | |
| http_check_fail | 8 | Http Check Failure | |
| url_check_succ | 8 | URL Check Success | |
| sqlia_chk_url_sanitize | 8 | SQLIA Check URL Sanitized | |
| xss_chk_cookie_reject | 8 | XSS Check Cookie Rejected | |
| brute_force_success | 8 | Brute-Force checks passed | |
| max_entities_fail | 8 | Max Entities Failure | |
| xml_limit_attr | 8 | XML Limit Attribue | |
| http_method_check_fail | 8 | Http Method Check Failure | |
| form_non_ssl_reject | 8 | Form Non SSL Rejected | |
| xss_chk_post_sanitize | 8 | XSS Check Post Sanitized | |
| form_set_no_cache | 8 | Form Set No Cache violation | |
| xml_schema_succ | 8 | XML Schema Success | |
| sqlia_chk_url_reject | 8 | SQLIA Check URL Rejected | |
| xml_check_succ | 8 | XML Check Success | |
| sess_check_none | 8 | Session Check None | |
| xml_limit_namespace | 8 | XML Limit Namespace | |
| wsdl_fail | 8 | WSDL Failure | |
| post_form_check_succ | 8 | Post Form Check Success | |
| buf_ovf_query_len_fail | 8 | Buffer Overflow - Query Length Failure | |
| sqlia_chk_post_reject | 8 | SQLIA Check Post Rejected | |
| form_password_autocomplete | 8 | Form Password Autocomplete | |
| permitted | 8 | Honor threshold count | |
| xml_xss_chk_fail | 8 | XML XSS Check Failure | |
| buf_ovf_url_len_fail | 8 | Buffer Overflow - URL Length Failure | |
| buf_ovf_cookie_len_fail | 8 | Buffer Overflow - Cookie Length Failure | |
| challenge_javascript_sent | 8 | JavaScript challenge sent | |
| form_csrf_tag_succ | 8 | Form CSRF tag Success | |
| xss_chk_cookie_sanitize | 8 | XSS Check Cookie Sanitized | |
| xml_limit_entity_exp | 8 | XML Limit Entity Exp | |
| ccn_mask_diners | 8 | Credit Card Number Mask Diners | |
| sess_check_succ | 8 | Session Check Success | |
| json_limit_depth | 8 | JSON Limit Depth | |
| cookie_encrypt_skip_rcache | 8 | Cookie Encrypt Skip RCache | |
| learn_updates | 8 | Learning Updates | |
| req_denied | 8 | Requests Denied | |
| http_check_succ | 8 | Http Check Success | |
| req_allowed | 8 | Requests Allowed | |
| json_limit_object_member_count | 8 | JSON Limit Object Number Count | |
| bot_check_fail | 8 | Botnet Check Failure | |
| uri_wlist_fail | 8 | URI White List Failure | |
| uri_blist_fail | 8 | URI Black List Failure | |
| xml_limit_namespace_uri_len | 8 | XML Limit Namespace URI Length | |
| challenge_cookie_sent | 8 | Cookie challenge sent | |
| sqlia_chk_post_sanitize | 8 | SQLIA Check Post Sanitized | |
| ccn_mask_amex | 8 | Credit Card Number Mask Amex | |
| num_drops | 8 | Number Drops | |
| referer_check_fail | 8 | Referer Check Failure | |
| post_form_check_sanitize | 8 | Post Form Check Sanitized | |
| cookie_decrypt_succ | 8 | Cookie Decrypt Success | |
| max_parameters_fail | 8 | Max Parameters Failure | |
| url_check_fail | 8 | URL Check Failure | |
| xml_schema_fail | 8 | XML Schema Failure | |
| form_non_post_reject | 8 | Form Non Post Rejected | |
| buf_ovf_hdrs_len_fail | 8 | Buffer Overflow - Headers length Failure | |
| uri_wlist_succ | 8 | URI White List Success | |
| form_non_masked_password | 8 | Form Non Masked Password | |
| buf_ovf_line_len_fail | 8 | Buffer Overflow - Line Length Failure | |
| ccn_mask_discover | 8 | Credit Card Number Mask Discover | |
| ssn_mask | 8 | Social Security Number Mask | |
| json_limit_string | 8 | JSON Limit String | |
| resp_hdrs_filtered | 8 | Response Headers Filtered | |
| called | 8 | Threshold check count | |
| ccn_mask_mastercard | 8 | Credit Card Number Mask Mastercard | |
| xml_sqlia_chk_succ | 8 | XML Sqlia Check Success | |
| brute_force_fail | 8 | Brute-force checks failed | |
| max_hdrs_fail | 8 | Max Headers Failure | |
| xml_limit_attr_name_len | 8 | XML Limit Name Length | |
| form_non_ssl_password | 8 | Form Non SSL Password | |
| too_many_sessions | 8 | Too many sessions consumed | |
| buf_ovf_hdr_value_len_fail | 8 | Buffer Overflow - Header Value Length Failure | |
| uri_blist_succ | 8 | URI Black List Success | |
| sess_check_fail | 8 | Session Check Failure | |
| buf_ovf_hdr_name_len_fail | 8 | Buffer Overflow - Header Name Length Failure | |
| resp_denied | 8 | Responses Denied | |
| pcre_mask | 8 | PCRE Mask | |
| out_of_sessions | 8 | Out of sessions | |
| xml_limit_elem | 8 | XML Limit Element | |
| buf_ovf_parameter_name_len_fail | 8 | Buffer Overflow - HTML Parameter Name Length Failure | |
| xml_limit_attr_value_len | 8 | XML Limit Value Length | |
| xml_limit_elem_depth | 8 | XML Limit Element Depth | |
| ccn_mask_jcb | 8 | Credit Card Number Mask Jcb | |
| cookie_decrypt_fail | 8 | Cookie Decrypt Failure | |
| buf_ovf_cookie_value_len_fail | 8 | Buffer Overflow - Cookie Value Length Failure | |
| buf_ovf_max_data_parse_fail | 8 | Buffer Overflow - Max Data Parse Failure | |
| total_req | 8 | Total Requests | |
| xml_limit_elem_name_len | 8 | XML Limit Element Name Length | |
| url_check_learn | 8 | URL Check Learn | |
| http_method_check_succ | 8 | Http Method Check Success | |
| xss_chk_url_succ | 8 | XSS Check URL Success | |
| referer_check_redirect | 8 | Referer Check Redirect | |
| post_form_check_reject | 8 | Post Form Check Rejected | |
| cookie_encrypt_fail | 8 | Cookie Encrypt Failure | |
| soap_check_failure | 8 | Soap Check Failure | |
| challenge_captcha_sent | 8 | Captcha challenge sent | |
| form_csrf_tag_fail | 8 | Form CSRF tag Failure | |
| xml_xss_chk_succ | 8 | XML XSS Check Success | |
| buf_ovf_post_size_fail | 8 | Buffer Overflow - Post size Failure |