ltm rule command ASM raiseΒΆ

iRule(1)		      BIG-IP TMSH Manual		      iRule(1)



ASM::raise
       Issues a user-defined violation on the request.

SYNOPSIS
       ASM::raise VIOLATION_NAME (VIOLATION_DETAILS)?

DESCRIPTION
       Issues a user-defined violation on the request. The violation is added
       to other possible violations, either raised by the ASM or by previous
       invocations of this command. The consequent action is determined by the
       blocking setting per the raised violation, e.g. if the violation was
       set to block, then the request will be blocked.

       Syntax

       ASM::raise 

	    * The name attribute of the violation. It must be a user-defined
	      (custom) violation.

       ASM::raise  []

	    * A multimap, that is a list of key-value pairs, each pair being a
	      list of two elements, adding information on the violation, where it
	      occurred and what exactly caused it. For example offset and length
	      into the original request, header name in which the problem was
	      found, parameter name or value etc. The details are completely
	      opaque to ASM which simply copies them to the log. No check is done
	      on the completeness or validity of the list - it is the
	      responsibility of the iRule developer to maintain it. The maximum
	      number of elements in the array is 20. Note that the same key may
	      have more than one value.

	  Notes:
	    * If Session Awareness feature is enabled, then the raised violation
	      will disregard any of the Session Awareness accounting and
	      decisions.
	    * Raising a blocking violation will not prevent the request from
	      being sent to Antivirus scanning (if configured). This is different
	      than the behavior when a built-in violation is detected by ASM in
	      which case the request does not undergo antivirus scanning.

RETURN VALUE
VALID DURING
       ASM_REQUEST_DONE, ASM_REQUEST_VIOLATION

EXAMPLES
	Buildup of the violation details and then issuing the violation:

	when ASM_REQUEST_DONE {
	  set x []
	  set y []
	  set z []
	  lappend y key1 value1
	  lappend z key1 value2
	  lappend x $y $z
	  log local0. $x

	  ASM::raise my_custom_violation $x
	}

	The logged message will show:

	{key1 value1} {key1 value2}

	This is a more concrete example: it counts the number of violations,
	and if it exceeds 3, it issues a custom "too many violations"
	violation.

	when ASM_REQUEST_DONE {
	   if {[ASM::violation count] > 3 and [ASM::severity] eq "Error"} {
	      ASM::raise VIOLATION_TOO_MANY_VIOLATIONS
	   }
	}

HINTS
SEE ALSO
CHANGE LOG
       @BIGIP-11.5.0 --First introduced the command.



BIG-IP				  2017-01-31			      iRule(1)