ASM Signatures¶
Overview¶
API used to list all ASM signatures.
REST Endpoint: /mgmt/cm/asm/working-config/signatures¶
Requests¶
List all ASM signatures as a collection.
GET /mgmt/cm/asm/working-config/signatures¶
Request Parameters¶
None
Query Parameters¶
None
Response¶
Returns the collection of ASM signatures.
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
generation | integer(int64) | A integer that will track change made to web application security signatures collection object. read-only |
items | < object > array | Collection of ASM attack signatures. optional |
kind | string | Type information for web application security signatures collection object. read-only |
lastUpdateMicros | integer(int64) | Update time (micros) for last change made to web application security signatures collection object. read-only |
selfLink | string | A reference link URI to web application security signatures collection object. read-only |
Error Response¶
HTTP/1.1 400 Bad Request
Name | Type | Description |
---|---|---|
errorStack | string | Error stack trace returned by java. optional, read-only |
kind | string | Type information for ASM web application security signatures - cm:asm:working-config:signatures:signaturecollectionstate. optional, read-only |
message | string | Error message returned from server. Bad Request optional, read-only |
requestBody | string | The data in the request body. GET (None) optional, read-only |
requestOperationId | integer(int64) | Unique id assigned to rest operation. optional, read-only |
referer | string | IP address. optional, read-only |
HTTP/1.1 403 Unauthorized
Name | Type | Description |
---|---|---|
errorStack | string | Error stack trace returned by java. optional, read-only |
kind | string | Type information for ASM web application security signatures - cm:asm:working-config:signatures:signaturecollectionstate. optional, read-only |
message | string | Error message returned from server. Unauthorized optional, read-only |
requestBody | string | The data in the request body. GET (None) optional, read-only |
requestOperationId | integer(int64) | Unique id assigned to rest operation. optional, read-only |
referer | string | IP address. optional, read-only |
HTTP/1.1 404
Name | Type | Description |
---|---|---|
errorStack | string | Error stack trace returned by java. optional, read-only |
kind | string | Type information for ASM web application security signatures - cm:asm:working-config:signatures:signaturecollectionstate. optional, read-only |
message | string | Error message returned from server. URI registration optional, read-only |
requestBody | string | The data in the request body. GET (None) optional, read-only |
requestOperationId | integer(int64) | Unique id assigned to rest operation. optional, read-only |
referer | string | IP address. optional, read-only |
Permissions¶
Role | Allow |
---|---|
Security Manager | Yes |
Web Application Manager | Yes |
Web Application Editor | Yes |
Web Application Viewer | Yes |
Web Application Deployer | Yes |
GET /mgmt/cm/asm/working-config/signatures/<objectId>¶
Used to get a single instance of a ASM signature object.
Request Parameters¶
Name | Type | Required | Description |
---|---|---|---|
< objectId > | string(UUID) | True | Unique system generated ID associated with the signature. |
Query Parameters¶
None
Response¶
Returns an ASM signature object identified by id for an endpoint URI.
HTTP/1.1 200 OK
Name | Type | Description |
---|---|---|
accuracy | string | Indicates the ability of the attack signature to identify the attack including susceptibility to false-positive alarms: Low: Indicates a high likelihood of false positives. Medium: Indicates some likelihood of false positives. High: Indicates a low likelihood of false positives. optional |
attackTypeReference | string | Reference link to attack type properties. ex. uuid, name, bigipAttackId optional |
link | string | Reference link to attack type. optional |
bundleVersion | integer | Indicates the bundle version of the attack signature. optional |
description | string | Description of ASM attack signature. optional |
generation | integer(int64) | A integer that will track change made to a ASM attack signature object. generation. read-only |
id | string | Unique id associated with ASM attack signature. |
isUserDefined | boolean | Is this ASM signature created by a user or pre packaged by the system. optional |
lastUpdateMicros | integer(int64) | Update time (micros) for last change made to a ASM attack signature object. read-only |
matchesWithinJson | boolean | A boolean value which indicates whether the signature will be matched within the scope of this policy object type. (JSON Profiles). optional |
matchesWithinCookie | boolean | A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (Cookies). optional |
matchesWithinGwt | boolean(kind) | A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (GWT profiles). optional |
matchesWithinParameter | boolean | A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (Parameters). optional |
matchesWithinPlainText | boolean(kind) | A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (Plain Text Profiles). optional |
matchesWithinRequest | boolean(kind) | A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (Request Headers). optional |
matchesWithinUri | boolean(kind) | A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (URLs). optional |
matchesWithinXml | boolean(kind) | A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (XML Profiles). optional |
matchesWithinHeader | boolean(kind) | A boolean value which indicates whether the signature will be matched within the scope of this policy object type. (Headers). optional |
matchesWithinResponse | boolean(kind) | A boolean value which indicates whether the signature will be matched within the scope of this policy object type. (Responses). optional |
rule | string | This value is not defined for Factory signatures. It is mandatory for user defined signatures and it defines the content of the signature rule. optional |
modificationDateMicros | integer | Value of the last modified time in micros. optional |
name | string | Name of ASM attack signature. |
partition | string | BIG-IP partition this ASM attack signature object exists. optional |
revision | string | BIG-IQ maintains a version # to track changes of ASM signatures. optional |
risk | string | Indicates the level of potential damage this attack might cause if it is successful: Low: Indicates the attack does not cause direct damage or reveal highly sensitive data. Medium: Indicates the attack may reveal sensitive data or cause moderate damage. High: Indicates the attack may cause a full system compromise. optional |
selfLink | string | A reference link URI to the ASM attack signature object. read-only |
signatureId | string | Unique id assigned to a ASM signature object. read-only |
signatureType | string | Used to identify the category of web application attack type associated with the signature. Table 11.1 lists types. optional |
systems | array | Displays which systems (for example web applications, web servers databases, and application frameworks) where the signature is relevant. optional |
systemReference | link | Reference link to ASM system. optional |
link | string | Reference link to ASM system. optional |
issueTracking | array | Contains a list of issueTracking which indicates the type and the URL reference. This is available only in Factory Signatures optional |
type | string | URL |
value | string | Reference link to an external website explaining this attack signature, or displays |
Error Response¶
HTTP/1.1 400 Bad Request
Name | Type | Description |
---|---|---|
errorStack | string | Error stack trace returned by java. optional, read-only |
kind | string | Type information for ASM web application security signatures - cm:asm:working-config:signatures:signaturecollectionstate. optional, read-only |
message | string | Error message returned from server. Bad Request optional, read-only |
requestBody | string | The data in the request body. GET (None) optional, read-only |
requestOperationId | integer(int64) | Unique id assigned to rest operation. optional, read-only |
referer | string | IP address. optional, read-only |
HTTP/1.1 403 Unauthorized
Name | Type | Description |
---|---|---|
errorStack | string | Error stack trace returned by java. optional, read-only |
kind | string | Type information for ASM web application security signatures - cm:asm:working-config:signatures:signaturecollectionstate. optional, read-only |
message | string | Error message returned from server. Unauthorized optional, read-only |
requestBody | string | The data in the request body. GET (None) optional, read-only |
requestOperationId | integer(int64) | Unique id assigned to rest operation. optional, read-only |
referer | string | IP address. optional, read-only |
HTTP/1.1 404
Name | Type | Description |
---|---|---|
errorStack | string | Error stack trace returned by java. optional, read-only |
kind | string | Type information for ASM web application security signatures - cm:asm:working-config:signatures:signaturecollectionstate. optional, read-only |
message | string | Error message returned from server. URI registration optional, read-only |
requestBody | string | The data in the request body. GET (None) optional, read-only |
requestOperationId | integer(int64) | Unique id assigned to rest operation. optional, read-only |
referer | string | IP address. optional, read-only |
Permissions¶
Role | Allow |
---|---|
Security Manager | Yes |
Web Application Manager | Yes |
Web Application Editor | Yes |
Web Application Viewer | Yes |
Web Application Deployer | Yes |
Examples¶
None