Manual Chapter : Incorporating policy builder suggestions

Applies To:

Show Versions Show Versions

BIG-IP ASM

  • 16.0.0
Manual Chapter

Incorporating policy builder suggestions

  1. Extract list of WAF policies configured on the BIG-IP.
    Send a GET request to
    https://<<your-BIG-IP>>/mgmt/tm/asm/policies?$select=name,id
    .
  2. Extract the Policy Id (Policy_Key) for the specific WAF policy.
  3. Export the policy builder suggestions.
    Send a POST request to
    https://<your-BIG-IP>/mgmt/tm/asm/tasks/export-suggestions
    . Use the following body content:
    { "inline":"true", "policyReference":{ "link":"https://<your-BIG-IP>/mgmt/tm/asm/policies/<Policy_Key>/" } }
    Send a GET request to
    https://<your-BIG-IP>/mgmt/tm/asm/tasks/export-suggestions
    .
    The following is an example for exported suggestions:
    "suggestions":[ { "entityChanges":{ "signatureOverrides":[ { "name":"my_TAGGED_SIG", "tag":"my_tag", "enabled":false } ], "type":"explicit" }, "entity":{ "protocol":"http", "name":"/index.php", "method":"*" }, "entityType":"url", "action":"update-append", "description":"Disable the matched signature on the matched URL" }, { "entityChanges":{ "signatureOverrides":[ { "name":"my_UNTAGGED_SIG", "tag":"", "enabled":false } ], "type":"explicit" }, "entity":{ "protocol":"http", "name":"/index.php", "method":"*" }, "entityType":"url", "action":"update-append", "description":"Disable the matched signature on the matched URL" } ]
  4. Update the declarative policy with exported suggestions.
    Use the
    Modifications
    property to add suggestions in the policy. The following is an example:
    "modifications":[ { "entity":{ "protocol":"http", "name":"/index.php", "method":"*" }, "entityChanges":{ "signatureOverrides":[ { "name":"my_TAGGED_SIG", "tag":"my_tag", "enabled":false } ], "type":"explicit" }, "entityType":"url", "action":"update-append", "description":"Disable the matched signature on the matched URL" }, { "entity":{ "protocol":"http", "name":"/index.php", "method":"*" }, "entityChanges":{ "signatureOverrides":[ { "name":"my_UNTAGGED_SIG", "tag":"", "enabled":false } ], "type":"explicit" }, "entityType":"url", "action":"update-append", "description":"Disable the matched signature on the matched URL" } ]
  5. Import the updated declarative policy, refer to Declarative policy import.