Manual Chapter : Uploading a user defined signatures set

Applies To:

Show Versions Show Versions

BIG-IP ASM

  • 16.0.0
Manual Chapter

Uploading a user defined signatures set

  1. Upload the signature set file to the BIG-IP.
    Send the POST request
    https:/ /<your-BIG-IP>/mgmt/tm/asm/file-transfer/uploads/task
    The following is an example signatures set file context:
    { "softwareVersion": "16.1.0", "revisionDatetime": "2020-01-15T08:57:10Z", "tag": "user", "signatures": [ { "name": "user_sig", "rule": "valuecontent:\"/userSig/V\"; nocase; httponly; norm;", "signatureType": "request", "lastUpdateMicros": "1575450273000000", "attackType": { "name": "Brute Force Attack" }, "revision": "2", "systems": [ { "name": "Microsoft Windows" }, { "name": "Unix/Linux" } ], "risk": "medium", "accuracy": "medium", "description": "Users user defined sig 5 updated" }, { "name": "user_sig_51", "rule": "re2:\"/UserSig51/V\"; nocase; norm;", "signatureType": "request", "lastUpdateMicros": "1575450273000000", "attackType": { "name": "Brute Force Attack" }, "revision": "2", "systems": [ { "name": "Microsoft Windows" }, { "name": "Unix/Linux" } ], "risk": "medium", "accuracy": "medium", "description": "Users user defined sig 51 updated" }, { "name": "user_sig_52", "rule": "re2:\"/UserSig52/V\"; nocase; norm;", "signatureType": "request", "lastUpdateMicros": "1575450273000000", "attackType": { "name": "Brute Force Attack" }, "revision": "2", "risk": "medium", "accuracy": "medium", "description": "Users user defined sig 52" } ] }
  2. Update the signatures.
    Send the POST request
    https:/ /<your-BIG-IP>/mgmt/tm/asm/tasks/update-signatures/
    .
    Use following body content:
    { "filename":"sigfile.json", "isUserDefined":true }
  3. Upload the policy to the BIG-IP.
    The following is an example policy file context:
    { "policy": { "name": "policy_override_user_defined_sig_on_parameter_foo", "description": "JSON declarative policy for CICD", "template": { "name": "POLICY_TEMPLATE_FUNDAMENTAL" }, "applicationLanguage": "utf-8", "enforcementMode": "blocking", "caseInsensitive": false, "protocolIndependent": false, "enablePassiveMode": false, "signature-requirements": [ { "tag": "user", "minRevisionDatetime": "2019-01-15T08:57:10Z", "maxRevisionDatetime": "2020-02-15T08:57:10Z" } ], "signatures": [ { "name": "user_sig", "tag": "test", "enabled": true, "learn": true, "performStaging": false } ], "signature-sets": [ { "name": "user_sigs", "block": true, "learn": true, "signatureSet": { "filter": { "tagValue": "test", "tagFilter": "eq" } } } ], "modifications": [ { "entity": { "level": "global", "name": "foo" }, "entityKind": "tm:asm:policies:parameters:parameterstate", "entityChanges": { "type": "explicit", "signatureOverrides":[ { "name": "user_sig", "tag": "test", "enabled": false } ] }, "action": "add-or-update", "description": "Disable signature on parameter." } ] } }