Applies To:Show Versions
BIG-IQ Centralized Management
Managing Bot Signatures and Bot Signature
About bot signatures and bot signature
Create bot signatures
- In theNamefield, type a name for the bot signature.
- In thePartitionsetting, theCommonpartition is listed and cannot be changed.
- In theDomainssetting, you can add or delete domains.
- To add a domain, in theDomain Namefield, type the name in the Domain Name field and clickAdd.
- To delete a domain, select a domain from the list and clickRemove.
- From theCategorylist, select the appropriate category for the bot signature.
- In theRulesetting, create a rule for the bot signature using either simple or advanced editing.
- SelectSimple Edit Modeto create a rule by supplying what content the user agent and the URL should match.
- From theUser-agentlist, select the type of match, and then type the string to be matched in the user agent.
- From theURLlist, select the type of match, and then type the string to be matched in the URL.
- Select theAdvanced Edit Modeto create more complex rules, such as those containing multiple search strings or a conditional text match. You type the rule expression usingSnortcontrol syntax.Snortcontrol syntax is explained fully in the BIG-IP Application Security Manager documentation.
- Risklist, select the risk level associated with the bot signature.This allows you to indicate within the signature details the potential damage of the attack, if it were successful.
- ClickSave & Close.
Create bot signature categories
- ClickCreate.The New Bot Signature Category screen opens.
- Type aCategory Namefor the bot signature category, and use thePartitionsetting default ofCommon.
- From theCategory Typelist, select the appropriate type for the bot signature category, eitherMaliciousorBenign.
- Since you can only create user-defined bot signature categories, theUser-definedsetting is selected and cannot be changed.
- Save any changes.