ltm rule command BOTDEFENSE client class¶

iRule(1) BIG-IP TMSH Manual iRule(1)

BOTDEFENSE::client_class
Returns the classification of the client based on the current request and its browsing history. When invoked from
BOTDEFENSE_REQUEST event the command reflects the classification based on bot signature, or on the browser anomalies found
for this client (if any), if the client was initially classified as a browser by its User-Agent string, or "unknown" in any
other case. When invoked from BOTDEFENSE_ACTION anomaly the command reflects the classification after fully inspecting the
current request.

SYNOPSIS
BOTDEFENSE::client_class

DESCRIPTION
Returns the classification of the client that sent the request. The returned value is one of the following strings:*
unknown* browser* mobile_application* trusted_bot* untrusted_bot* malicious_bot* suspicious_browser. The command is similar
to BOTDEFENSE::client_type but with higher resolution for bot classification: when BOTDEFENSE::client_type returns "bot",
BOTDEFENSE::client_class returns the exact type of bot: malicious, trusted or untrusted.

Syntax

BOTDEFENSE::client_class

RETURN VALUE
Returns the classification of the client that sent the request. When invoked in the BOTDEFENSE_REQUEST event it returns the
type based on the previous requests of the same client, or "unknown" if the client is not recognized. When invoked in the
BOTDEFENSE_ACTION event, the return value reflects the processing of the current request on top of the accumulated history
of the client

VALID DURING
BOTDEFENSE_ACTION, BOTDEFENSE_REQUEST

EXAMPLES
when BOTDEFENSE_REQUEST {
log.local0. "Client type before processing request: [BOTDEFENSE::client_class]"
}

when BOTDEFENSE_ACTION {
log.local0. "Client type after processing request: [BOTDEFENSE::client_class]"
}

HINTS
SEE ALSO
CHANGE LOG
@BIGIP-14.1 --First introduced the command.

BIG-IP 2022-04-12 iRule(1)