log : threat‑weight
 
threat‑weight
Use this command to configure client reputation profiles.
Syntax
config log threat-weight
set blocked-connection {disable | low | medium | high | critical}
set failed-connection {disable | low | medium | high | critical}
set malware-detected {disable | low | medium | high | critical}
set max-rep-db-size <MBytes_int>
set url-block-detected {disable | low | medium | high | critical}
set window-size <wsize_int>
config application
edit <app_id>
set category <category_int>
set level {disable | low | medium | high | critical}
end
config geolocation
edit <geoentry_ID>
set country <country_code)
set level {disable | low | medium | high | critical}
end
config ips
set low <int>
set medium <int>
set high <int>
set critical <int>
end
config level
set low <int>
set medium <int>
set high <int>
set critical <int>
end
config web
edit <webentry_ID>
set category <category_int>
set level {disable | low | medium | high | critical}
end
end
 
Variable
Description
Default
blocked-connection {disable | low | medium | high | critical}
Select which score level to use for blocked connection status: low, medium, high or critical.
high
botnet-connection-detected {disable | low | medium | high | critical}
Select which score level to use for a detected botnet connection status: low, medium, high or critical.
critical
failed-connection {disable | low | medium | high | critical}
Select which score level to use for failed connection status: low, medium, high or critical.
low
malware-detected {disable | low | medium | high | critical}
Select which score level to use for malware detected status: low, medium, high or critical.
low
max-rep-db-size <MBytes_int>
Set the maximum client reputation database size in MBytes. Range 10 to 2000.
100
url-block-detected {disable | low | medium | high | critical}
Select which score level to use for URL block detected status: low, medium, high or critical.
low
window-size <wsize_int>
Enter the reputation data window size.
Range: 1 to 30 days.
7
config application variables
<app_id>
Enter an ID number for this application.
 
category <category_int>
Enter the category. To view the list of categories, enter set category ?
No default.
level {disable | low | medium | high | critical}
Select which score level to use: disable, low, medium, high or critical.
low
config geolocation variables
<geoentry_ID>
Enter an ID for this entry.
 
country <country_code)
Enter the country code. For a list of country codes, enter set country ?
No default.
level {disable | low | medium | high | critical}
Select which score level to use: disable, low, medium, high or critical.
low
config ips variables
info-severity-status {enable | disable}
Enable Information severity status level.
disable
low-severity-status {enable | disable}
Enable Low severity status level.
disable
medium-severity-status {enable | disable}
Enable Medium severity status level.
disable
high-severity-status {enable | disable}
Enable High severity status level.
disable
critical-severity-status {enable | disable}
Enable Critical severity status level.
disable
config level variables
low <int>
Set low threshold. Range 1 to 10.
5
medium <int>
Set medium threshold. Range 5 to 30.
10
high <int>
Set high threshold. Range 10 to 50.
30
critical <int>
Set critical threshold. Range 30 to 100.
50
config web variables
<webentry_ID>
Enter an ID for this entry.
 
category <category_int>
Enter the category. To view the list of categories, enter set category ?
No default.
level {disable | low | medium | high | critical}
Select which score level to use: disable, low, medium, high or critical.
low