github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-06-28 16:41:02 +03:00
Code Issues Packages Projects Releases Wiki Activity

Update and rename schema_v1beta2.yaml to schema_v1beta1.yaml

Browse Source
This commit is contained in:
orianelou 2025-05-13 16:20:31 +03:00 committed by GitHub
parent c8743d4d4b
commit 2c7b5818e8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 434 additions and 752 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

434
config/linux/v1beta1/schema/schema_v1beta1.yaml Normal file
View File

@ -0,0 +1,434 @@
ype: object
properties:
policies:
type: object
properties:
default:
type: object
properties:
custom-response:
type: string
exceptions:
items:
type: string
type: array
mode:
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
type: string
practices:
items:
type: string
type: array
source-identifiers:
type: string
triggers:
items:
type: string
type: array
trusted-sources:
type: string
required:
- mode
- practices
- triggers
specific-rules:
type: array
items:
properties:
host:
type: string
custom-response:
type: string
exceptions:
items:
type: string
type: array
mode:
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
type: string
practices:
items:
type: string
type: array
source-identifiers:
type: string
triggers:
items:
type: string
type: array
trusted-sources:
type: string
required:
- mode
- host
- practices
- triggers
type: object
practices:
type: array
items:
properties:
name:
type: string
anti-bot:
properties:
injected-URIs:
items:
properties:
uri:
type: string
type: object
type: array
override-mode:
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- as-top-level
type: string
default: "inactive"
validated-URIs:
items:
properties:
uri:
type: string
type: object
type: array
type: object
openapi-schema-validation:
properties:
files:
items:
type: string
type: array
override-mode:
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- as-top-level
type: string
type: object
snort-signatures:
properties:
files:
items:
type: string
type: array
override-mode:
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- as-top-level
type: string
type: object
web-attacks:
properties:
max-body-size-kb:
type: integer
max-header-size-bytes:
type: integer
max-object-depth:
type: integer
max-url-size-bytes:
type: integer
minimum-confidence:
enum:
- medium
- high
- critical
type: string
override-mode:
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- as-top-level
type: string
protections:
properties:
csrf-enabled:
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
type: string
error-disclosure-enabled:
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
type: string
non-valid-http-methods:
type: boolean
open-redirect-enabled:
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
type: string
type: object
type: object
required:
- name
custom-responses:
type: array
minItems: 0
items:
type: object
properties:
name:
type: string
http-response-code:
maximum: 599
minimum: 100
default: 403
type: integer
message-body:
type: string
default: "Attack blocked by web application protection"
message-title:
type: string
default: "Openappsec's <b>Application Security</b> has detected an attack and blocked it."
mode:
enum:
- block-page
- response-code-only
type: string
required:
- name
log-triggers:
type: array
minItems: 0
items:
type: object
properties:
name:
type: string
access-control-logging:
properties:
allow-events:
type: boolean
default: false
drop-events:
type: boolean
default: false
type: object
additional-suspicious-events-logging:
properties:
enabled:
type: boolean
default true:
minimum-severity:
enum:
- high
- critical
type: string
default: "high"
response-body:
type: boolean
default: false
response-code:
type: boolean
default: true
type: object
appsec-logging:
properties:
all-web-requests:
type: boolean
default: false
detect-events:
type: boolean
default: false
prevent-events:
type: boolean
default: true
type: object
extended-logging:
properties:
http-headers:
type: boolean
default: false
request-body:
type: boolean
default: false
url-path:
type: boolean
default: false
url-query:
type: boolean
default: false
type: object
log-destination:
properties:
cef-service:
minItems: 0
items:
properties:
address:
type: string
port:
type: integer
proto:
enum:
- tcp
- udp
type: string
type: object
type: array
cloud:
type: boolean
default: false
stdout:
properties:
format:
enum:
- json
- json-formatted
type: string
default: json
type: object
syslog-service:
minItems: 0
items:
properties:
address:
type: string
port:
type: integer
type: object
type: array
type: object
required:
- name
exceptions:
type: array
minItems: 0
items:
type: object
properties:
name:
type: string
action:
enum:
- skip
- accept
- drop
- suppressLog
type: string
comment:
type: string
countryCode:
items:
type: string
type: array
countryName:
items:
type: string
type: array
hostName:
items:
type: string
type: array
paramName:
items:
type: string
type: array
paramValue:
items:
type: string
type: array
protectionName:
items:
type: string
type: array
sourceIdentifier:
items:
type: string
type: array
sourceIp:
items:
type: string
type: array
url:
items:
type: string
type: array
required:
- name
- action
trusted-sources:
type: array
minItems: 0
items:
type: object
properties:
name:
type: string
minNumOfSources:
type: integer
minimum: 1
default: 3
sources-identifiers:
items:
type: string
type: array
required:
- name
- sources-identifiers
source-identifiers:
type: array
minItems: 0
items:
type: object
properties:
name:
type: string
identifiers:
type: array
minItems: 1
items:
type: object
source-identifier:
enum:
- headerkey
- JWTKey
- cookie
- sourceip
- x-forwarded-for
type: string
value:
items:
type: string
type: array
required:
- source-identifier
required:
- name
- identifiers
additionalProperties: false

752
config/linux/v1beta1/schema/schema_v1beta2.yaml
View File

@ -1,752 +0,0 @@
type: object
properties:
apiVersion:
type: string
enum:
- v1beta1
- v1beta2
policies:
type: object
properties:
appsecClassName:
type: string
default:
type: object
required:
- mode
- threatPreventionPractices
- accessControlPractices
properties:
mode:
type: string
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
default: detect-learn
threatPreventionPractices:
type: array
items:
type: string
accessControlPractices:
type: array
items:
type: string
customResponse:
type: string
default: "403"
triggers:
type: array
items:
type: string
sourceIdentifiers:
type: string
trustedSources:
type: string
exceptions:
type: array
items:
type: string
specificRules:
type: array
items:
type: object
properties:
name:
type: string
host:
type: string
mode:
type: string
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
default: detect-learn
threatPreventionPractices:
type: array
items:
type: string
accessControlPractices:
type: array
items:
type: string
triggers:
type: array
items:
type: string
customResponse:
type: string
sourceIdentifiers:
type: string
trustedSources:
type: string
exceptions:
type: array
items:
type: string
logTriggers:
type: array
items:
type: object
required:
- accessControlLogging
- appsecLogging
- additionalSuspiciousEventsLogging
- extendedLogging
- logDestination
properties:
appsecClassName:
type: string
name:
type: string
accessControlLogging:
type: object
properties:
allowEvents:
type: boolean
default: false
dropEvents:
type: boolean
default: true
appsecLogging:
type: object
properties:
detectEvents:
type: boolean
default: true
preventEvents:
type: boolean
default: true
allWebRequests:
type: boolean
default: false
additionalSuspiciousEventsLogging:
type: object
properties:
enabled:
type: boolean
default: true
minSeverity:
type: string
enum:
- high
- critical
default: high
responseBody:
type: boolean
default: false
responseCode:
type: boolean
default: true
extendedLogging:
type: object
properties:
urlPath:
type: boolean
default: false
urlQuery:
type: boolean
default: false
httpHeaders:
type: boolean
default: false
requestBody:
type: boolean
default: false
logDestination:
type: object
properties:
cloud:
type: boolean
default: false
local-tuning:
type: boolean
default: false
syslogService:
type: array
items:
type: object
properties:
address:
type: string
port:
type: integer
logToAgent:
type: boolean
default: true
stdout:
type: object
properties:
format:
type: string
enum:
- json
- json-formatted
default: json
cefService:
type: array
items:
type: object
properties:
address:
type: string
port:
type: integer
proto:
type: string
enum:
- tcp
- udp
threatPreventionPractices:
type: array
items:
type: object
required:
- webAttacks
- intrusionPrevention
- fileSecurity
- snortSignatures
properties:
appsecClassName:
type: string
name:
type: string
practiceMode:
type: string
enum:
- inherited
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
default: inherited
webAttacks:
type: object
required:
- overrideMode
properties:
overrideMode:
type: string
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- inherited
default: inactive
minimumConfidence:
type: string
enum:
- medium
- high
- critical
default: high
maxUrlSizeBytes:
type: integer
default: 32768
maxObjectDepth:
type: integer
default: 40
maxBodySizeKb:
type: integer
default: 1000000
maxHeaderSizeBytes:
type: integer
default: 102400
protections:
type: object
properties:
csrfProtection:
type: string
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- inherited
default: inactive
errorDisclosure:
type: string
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- inherited
default: inactive
openRedirect:
type: string
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- inherited
default: inactive
nonValidHttpMethods:
type: boolean
default: false
antiBot:
type: object
required:
- overrideMode
properties:
overrideMode:
type: string
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- inherited
default: inactive
injectedUris:
type: array
items:
type: object
properties:
uri:
type: string
validatedUris:
type: array
items:
type: object
properties:
uri:
type: string
snortSignatures:
type: object
required:
- overrideMode
properties:
overrideMode:
type: string
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- inherited
default: inactive
configmap:
type: array
items:
type: string
files:
type: array
items:
type: string
schemaValidation:
type: object
required:
- overrideMode
properties:
overrideMode:
type: string
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- inherited
default: inactive
enforcementLevel:
type: string
configmap:
type: array
items:
type: string
files:
type: array
items:
type: string
intrusionPrevention:
type: object
required:
- overrideMode
properties:
overrideMode:
type: string
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- inherited
default: inactive
maxPerformanceImpact:
type: string
enum:
- low
- medium
- high
default: medium
minSeverityLevel:
type: string
enum:
- low
- medium
- high
- critical
default: medium
minCveYear:
type: integer
default: 2016
highConfidenceEventAction:
type: string
enum:
- prevent
- detect
- inactive
- inherited
default: inherited
mediumConfidenceEventAction:
type: string
enum:
- prevent
- detect
- inactive
- inherited
default: inherited
lowConfidenceEventAction:
type: string
enum:
- prevent
- detect
- inactive
- inherited
default: detect
fileSecurity:
type: object
required:
- overrideMode
properties:
overrideMode:
type: string
enum:
- prevent-learn
- detect-learn
- prevent
- detect
- inactive
- inherited
default: inactive
minSeverityLevel:
type: string
enum:
- low
- medium
- high
- critical
default: medium
highConfidenceEventAction:
type: string
enum:
- prevent
- detect
- inactive
- inherited
default: inherited
mediumConfidenceEventAction:
type: string
enum:
- prevent
- detect
- inactive
- inherited
default: inherited
lowConfidenceEventAction:
type: string
enum:
- prevent
- detect
- inactive
- inherited
default: detect
archiveInspection:
type: object
properties:
extractArchiveFiles:
type: boolean
default: false
scanMaxFileSize:
type: integer
default: 10
scanMaxFileSizeUnit:
type: string
enum:
- bytes
- KB
- MB
- GB
default: MB
archivedFilesWithinArchivedFiles:
type: string
enum:
- prevent
- detect
- inactive
- inherited #as set in overrideMode for fileSecurity
default: inherited
archivedFilesWhereContentExtractionFailed:
type: string
enum:
- prevent
- detect
- inactive
- inherited #as set in overrideMode for fileSecurity
default: inherited
largeFileInspection:
type: object
properties:
fileSizeLimit:
type: integer
default: 10
fileSizeLimitUnit:
type: string
enum:
- bytes
- KB
- MB
- GB
default: MB
filesExceedingSizeLimitAction:
type: string
enum:
- prevent
- detect
- inactive
- inherited #as set in overrideMode for fileSecurity
default: inherited
unnamedFilesAction:
type: string
enum:
- prevent
- detect
- inactive
- inherited #as set in overrideMode for fileSecurity
default: inherited
threatEmulationEnabled:
type: boolean
default: false
accessControlPractices:
type: array
items:
type: object
required:
- rateLimit
properties:
appsecClassName:
type: string
name:
type: string
practiceMode:
type: string
enum:
- inherited #inherited from mode set in policy
- prevent
- detect
- inactive
default: inherited
rateLimit:
type: object
required:
- overrideMode
properties:
overrideMode:
type: string
enum:
- prevent
- detect
- inactive
- inherited
default: inactive
rules:
type: array
items:
type: object
properties:
action: # currently not supported
type: string
enum:
- inherited
- prevent
- detect
default: inherited
condition: # currently not supported
type: array
items:
type: object
required:
- key
- value
properties:
key:
type: string
value:
type: string
uri:
type: string
limit:
type: integer
unit:
type: string
enum:
- minute
- second
default: minute
triggers:
type: array
items:
type: string
comment:
type: string
customResponses:
type: array
items:
type: object
required:
- mode
properties:
appsecClassName:
type: string
name:
type: string
mode:
type: string
enum:
- block-page
- redirect
- response-code-only
default: response-code-only
messageTitle:
type: string
messageBody:
type: string
httpResponseCode:
type: integer
minimum: 100
maximum: 599
default: 403
redirectUrl:
type: string
redirectAddXEventId:
type: boolean
default: false
sourcesIdentifiers:
type: array
items:
type: object
required:
- sourcesIdentifiers
properties:
name:
type: string
sourcesIdentifiers:
type: array
items:
type: object
required:
- identifier
properties:
identifier:
type: string
enum:
- headerkey
- JWTKey
- cookie
- sourceip
- x-forwarded-for
default: sourceip
value:
type: array
items:
type: string
exceptions:
type: array
items:
type: object
required:
- action
- condition
properties:
appsecClassName:
type: string
name:
type: string
action:
type: string
enum:
- skip
- accept
- drop
- suppressLog
default: accept
condition:
type: array
items:
type: object
required:
- key
- value
properties:
key:
type: string
value:
type: string
trustedSources:
type: array
items:
type: object
required:
- minNumOfSources
- sourcesIdentifiers
properties:
appsecClassName:
type: string
name:
type: string
minNumOfSources:
type: integer
default: 3
sourcesIdentifiers:
type: array
items:
type: string
policyActivations:
type: array
items:
type: object
properties:
appsecClassName:
type: string
enabledPolicies:
type: array
items:
type: object
properties:
name:
type: string
hosts:
type: array
items:
type: string
required:
- hosts
required:
- enabledPolicies
additionalProperties: false