ASM

Description

iRules commands and events relating to the Application Security Manager (ASM) module

Command List

  • ASM::client_ip - Returns the IP address of the end client that sent the present request
  • ASM::disable - Disables plugin processing on the connection.
  • ASM::enable - Enables plugin processing on the connection.
  • ASM::fingerprint - returns the FP id if available
  • ASM::payload - This command retrieves or replaces the payload collected by ASM.
  • ASM::raise - Issues a user-defined violation on the present request
  • ASM::severity - Returns the overall severity of the violations found in the transaction (both request and response)
  • ASM::signature - returns the list of signatures
  • ASM::status - Returns the current status of the request or response
  • ASM::support_id - Returns the support id of the present HTTP transaction
  • ASM::unblock - Overrides the blocking action for a request that had blocking violation
  • ASM::violation - Returns the list of violations found in the present request or response together with details on each one
  • ASM::violation_data - This command exposes violation data using a multiple buffers instance
  • DOSL7::disable - Disables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::enable - Enables blocking and detection of DoS attacks according to the ASM security policy configuration
  • DOSL7::profile - returns the DOS profile from which the L7-DoS policy is extracted

Event List

  • ASM_REQUEST_BLOCKING - Triggered when ASM is generating the reject-response and gives the iRule a chance to modify that reject-response before it is sent.
  • ASM_REQUEST_DONE - triggered after ASM finished processing the request and found all violations of the ASM policy
  • ASM_REQUEST_VIOLATION - Triggered when ASM detects that a request violates an ASM security policy.
  • ASM_RESPONSE_VIOLATION - Triggered when ASM detects that a response violates an ASM security policy.
  • IN_DOSL7_ATTACK - Triggered when ASM detects that a request violates an ASM security policy for Denial of Service attacks