Manual Chapter :
Customizing Automatic Transaction default settings
Applies To:
Show VersionsBIG-IP ASM
- 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0
Customizing Automatic Transaction default settings
Customize the Automatic Transaction default settings if you want to change one or more
of the automatic transaction alert scores.
- On the Main tab, click.The BIG-IP DataSafe screen opens.
- From the list of profiles, select the relevant profile.The DataSafe Profile Properties screen opens.
- In the DataSafe Configuration area, clickURL List.The URL List opens.
- Click the URL or view on which you want to customize Automatic Transactions default settings (or clickAdd URLorAdd Viewif you want to define a new URL or view with Automatic Transactions detection).The URL Properties (or View Properties) screen opens.
- In the URL Configuration (or View Configuration) area, selectAutomatic Transactions.The Automatic Transactions configuration options appear.
- Ensure that theEnabledcheck box forAutomatic Transactionsis selected.
- ClickAdvanced.The Automatic Transactions advanced settings are listed.
- ForTampered Cookie Score, type a number to add to the total risk score of the anti-fraud profile if the system detects that the Transactions Data cookie was removed.
- ForData Manipulation Score, type a number to add to the total risk score of the anti-fraud profile if the system detects data manipulation in one of the following situations:
- If the HTTP request sent or received by the URL is URL-encoded and one or more parameters have theCheck Data Manipulationattribute, the BIG-IP system checks for a difference between the actual value of a parameter and the expected value of a parameter sent when a user clicks a web form’s Submit button. If a difference is detected the score entered here is added to the total risk score of the anti-fraud profile, for each parameter marked withCheck Data Manipulation.
- If the HTTP request is not URL-encoded andCheck AJAX Payload for Data Manipulationis enabled, the BIG-IP system checks for a difference between the actual value of the Ajax payload sent by the client's browser and the expected value of the Ajax payload. If a difference is detected, the score entered here is added to the total risk score of the anti-fraud profile.
- ForData Manipulation Maximum Score, type a number to limit the total combined score that can be added to an alert score when the BIG-IP system detects that data manipulation occurred on two or more parameters.For example, if you setData Manipulation Scoreto 20 and the value here is 50, if the system detects data manipulation on 3 parameters a value of 50 is added to the alert score instead of 60 (which is the actual combined value).Data Manipulation Maximum Scoreis only relevant if the HTTP parameters are in query string or form format and two or more URL parameters have theCheck Data Manipulationattribute.
- ForMinimum Score to Send Alert, type a number for the minimum total score required to send an alert to the FPS Dashboard.
- ClickSave.The changes you made to the Automatic Transactions settings are saved.