How to determine each triggered WAF rule anomaly score
Information
| Summary: |
Kemp WAF logs not logging the anomaly score for each request |
||||||||||
| Environment: |
Product: LoadMaster Version: 7.2.54 and above. Platform: Any. Application: HTTP(S) based. |
||||||||||
| Question/Problem Description: |
How to get the Kemp WAF logs to show the anomaly score for each individual request? |
||||||||||
| Steps to Reproduce: | |||||||||||
| Error Message: | |||||||||||
| Defect Number: | |||||||||||
| Enhancement Number: | |||||||||||
| Cause: | To know why the LoadMaster isn't logging the anomaly scores for each individual request | ||||||||||
| Resolution: | The logs wont actually show the anomaly score of each rule but it will show the severity associated which can be mapped using the following chart:
For instance, using the example above, we see the rule 920350 is marked as [severity "WARNING"] which means that the anomaly score for said rule is 3. |
||||||||||
| Workaround: | |||||||||||
| Notes: |
Was this article helpful?
0 out of 0 found this helpful