How to: Configure Attack Signatures¶
In this example, all signatures are configured to be enforced:
{
"policy": {
"name": "attack_sigs",
"template": {
"name": "POLICY_TEMPLATE_RATING_BASED"
},
"applicationLanguage": "utf-8",
"enforcementMode": "blocking",
"signature-sets": [
{
"name": "All Signatures",
"block": true,
"alarm": true
}
]
}
}
In this example, only high accuracy signatures are configured to be enforced, but SQL Injection signatures are detected and reported:
{
"policy": {
"name": "attack_sigs",
"template": {
"name": "POLICY_TEMPLATE_RATING_BASED"
},
"applicationLanguage": "utf-8",
"enforcementMode": "blocking",
"signature-sets": [
{
"name": "High Accuracy Signatures",
"block": true,
"alarm": true
},
{
"name": "SQL Injection Signatures",
"block": false,
"alarm": true
}
]
}
}