BIG-IQ ASM Signatures

Overview

API used to list all ASM signatures.

Version information

Version : 5.2, 5.3, 5.4

URI scheme

BasePath : /mgmt/cm/asm/working-config
Schemes : HTTPS

Consumes

  • application/json

Produces

  • application/json

Paths

List all ASM signatures as a collection.

GET /signatures

Description

Returns the collection of ASM signatures.

Responses

HTTP Code Description Schema
200 GET collection of ASM signatures. properties_signature_collection
400 Error response “Bad Request” 400_error_collection
401 Error response “Unauthorized” 401_error_collection
404 Error response Public URI path not registered. 404_error_collection

Used to get a single instance of a ASM signature object.

GET /signatures/{objectId}

Description

Returns an ASM signature object identified by id for an endpoint URI.

Parameters

Type Name Description Schema Default
Path objectId Unique system generated ID associated with the signature. required string(UUID) None

Responses

HTTP Code Description Schema
200 ASM signature object. properties_signature
400 Server error response “Bad Request”. 400_error_collection
401 Error response “Unauthorized” 401_error_collection
404 Error response Public URI path not registered. 404_error_collection

Definitions

400_error_collection

Name Description Schema
errorStack Error stack trace returned by java. optional, read-only string
items Collection if attack signatures. optional < object > array
kind Type information for ASM web application security signatures - cm:asm:working-config:signatures:signaturecollectionstate. optional, read-only string
message Error message returned from server. Bad Request optional, read-only string
requestBody The data in the request body. GET (None) optional, read-only string
requestOperationId Unique id assigned to rest operation. optional, read-only integer(int64)

401_error_collection

Name Description Schema
errorStack Error stack trace returned by java. optional, read-only string
items Collection if attack signatures. optional < object > array
kind Type information for ASM web application security signatures - cm:asm:working-config:signatures:signaturecollectionstate. optional, read-only string
message Error message returned from server. Unauthorized optional, read-only string
requestBody The data in the request body. GET (None) optional, read-only string
requestOperationId Unique id assigned to rest operation. optional, read-only integer(int64)

404_error_collection

Name Description Schema
errorStack Error stack trace returned by java. optional, read-only string
items Collection of attack signatures. optional < object > array
kind Type information for ASM web application security signatures - cm:asm:working-config:signatures:signaturecollectionstate. optional, read-only string
message Error message returned from server. URI registration optional, read-only string
requestBody The data in the request body. GET (None) optional, read-only string
requestOperationId Unique id assigned to rest operation. optional, read-only integer(int64)

properties_signature

Name Description Schema
accuracy Indicates the ability of the attack signature to identify the attack including susceptibility to false-positive alarms: Low: Indicates a high likelihood of false positives. Medium: Indicates some likelihood of false positives. High: Indicates a low likelihood of false positives. optional string
attackTypeReference Reference link to attack type properties. ex. uuid, name, bigipAttackId optional attackTypeReference
bundleVersion Indicates the bundle version of the attack signature. optional integer
description Description of ASM attack signature. optional string
generation A integer that will track change made to a ASM attack signature object. generation. optional, read-only integer(int64)
id Unique id assocaited with ASM attack signature. optional string
isUserDefined Is this ASM signature created by a user or pre packaged by the system. optional boolean
lastUpdateMicros Update time (micros) for last change made to a ASM attack signature object. optional, read-only integer(int64)
matchesWihtinJson A boolean value which indicates whether the signature will be matched within the scope of this policy object type. (JSON Profiles). optional boolean
matchesWithinCookie A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (Cookies). optional boolean
matchesWithinGwt A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (GWT profiles). optional boolean(kind)
matchesWithinParameter A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (Parameters). optional boolean
matchesWithinPlainText A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (Plain Text Profiles). optional boolean(kind)
matchesWithinRequest A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (Request Headers). optional boolean(kind)
matchesWithinUri A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (URLs). optional boolean(kind)
matchesWithinXml A boolean value which indicates whether the signature will be matched withing the scope of this policy object type (XML Profiles). optional boolean(kind)
modificationDateMicros Value of the last modified time in micros. optional integer
name Name of ASM attack signature. optional string
partition BIG-IP partition this ASM attack signature object exists. optional string
revision BIG-IQ maintains a version # to track changes of ASM signatures. optional string
risk Indicates the level of potential damage this attack might cause if it is successful: Low: Indicates the attack does not cause direct damage or reveal highly sensitive data. Medium: Indicates the attack may reveal sensitive data or cause moderate damage. High: Indicates the attack may cause a full system compromise. optional string
selfLink A reference link URI to the ASM attack signature object. optional, read-only string
signatureId Unique id assigned to a ASM signature object. optional, read-only string
signatureType Used to identify the category of web application attack type associated with the signature. Table 11.1 lists types. optional string
systems Displays which systems (for example web applications, web servers databases, and application frameworks) where the signature is relevant. optional < systems > array

attackTypeReference

Name Description Schema
link Reference link to attack type. optional string

systems

Name Description Schema
systemReference Reference link to ASM system. optional systemReference

systemReference

Name Description Schema
link Reference link to ASM system. optional string

properties_signature_collection

Name Description Schema
generation A integer that will track change made to web application security signatures collection object. optional, read-only integer(int64)
items Collection of ASM attack signatures. optional < object > array
kind Type information for web application security signatures collection object. optional, read-only string
lastUpdateMicros Update time (micros) for last change made to web application security signatures collection object. time. optional, read-only integer(int64)
selfLink A reference link URI to web application security signatures collection object. optional, read-only string