ltm rule command BOTDEFENSE client class
iRule(1) BIG-IP TMSH Manual iRule(1)
BOTDEFENSE::client_class
Returns the classification of the client based on the current request
and its browsing history. When invoked from BOTDEFENSE_REQUEST event
the command reflects the classification based on bot signature, or on
the browser anomalies found for this client (if any), if the client was
initially classified as a browser by its User-Agent string, or
"unknown" in any other case. When invoked from BOTDEFENSE_ACTION
anomaly the command reflects the classification after fully inspecting
the current request.
SYNOPSIS
BOTDEFENSE::client_class
DESCRIPTION
Returns the classification of the client that sent the request. The
returned value is one of the following strings:* unknown* browser*
mobile_application* trusted_bot* untrusted_bot* malicious_bot*
suspicious_browser. The command is similar to BOTDEFENSE::client_type
but with higher resolution for bot classification: when
BOTDEFENSE::client_type returns "bot", BOTDEFENSE::client_class returns
the exact type of bot: malicious, trusted or untrusted.
Syntax
BOTDEFENSE::client_class
RETURN VALUE
Returns the classification of the client that sent the request. When
invoked in the BOTDEFENSE_REQUEST event it returns the type based on
the previous requests of the same client, or "unknown" if the client is
not recognized. When invoked in the BOTDEFENSE_ACTION event, the return
value reflects the processing of the current request on top of the
accumulated history of the client
VALID DURING
BOTDEFENSE_ACTION, BOTDEFENSE_REQUEST
EXAMPLES
when BOTDEFENSE_REQUEST {
log.local0. "Client type before processing request: [BOTDEFENSE::client_class]"
}
when BOTDEFENSE_ACTION {
log.local0. "Client type after processing request: [BOTDEFENSE::client_class]"
}
HINTS
SEE ALSO
CHANGE LOG
@BIGIP-14.1 --First introduced the command.
BIG-IP 2019-05-10 iRule(1)