wvs policy

Use this command to define a web vulnerability scan policy. The policy enables you to set the frequency of the vulnerability scan, schedule the scan, and choose a format for the scan report. The policy also enables you to select an email policy that determines who receives the scan report.


Variable	Description	Default
<wvs-policy_name>	Type the name of a new or existing web vulnerability scan policy. The maximum length is 35 characters. To display the list of existing policies, type: edit ?	No default.
type {runonce \| schedule}	Select either: • runonce — Run the scan immediately after you complete the policy. • schedule — Run the scan on a schedule. Also configure schedule <wvs-schedule_name>.	runonce
schedule <wvs-schedule_name>	Type the name of an existing web vulnerability scan schedule. See “config wvs schedule”. The maximum length is 35 characters. To display the list of existing schedules, type: set schedule ? This setting is applicable only if type is schedule.	No default.
profile <wvs-profile_name>	Type the name of an existing web vulnerability scan profile.	No default.
email <email-policy_name>	Type the name of an existing email policy. See “config log email-policy”. When the scan completes, the FortiWeb appliance will send email in the specified format to the email addresses in the policy. The maximum length is 35 characters. To display the list of existing policy, type: set email ?	No default.
report_format {html mht pdf rtf text}	Select one or more file formats of the report to attach when emailing it.	html
runtime <count_int>	Not configurable. To reset the value to zero, enter: set runtime 0	No default.