Inspecting Application Profile Rules¶
To view the rules in the application structure, go to the Rules section of Wallarm Console. This section represents branches and endpoints that are already known.
The system automatically groups the rules by branches, highlighting common conditions and building a tree-like structure. As a result, a branch may have child branches. To show or hide nested branches, click on the blue circle to the left of the branch description.
** in a branch description refer to any number of nested paths. For instance, the branch
/**/*.php will contain both
The size of the blue circle indicates the relative quantity of the nested branches. Its color indicates the relative quantity of the rules within the branch and its sub-branches. On each nesting level, the size and color of the circles are independent from each other.
To the right of the branch description, the system may display an orange number, which indicates the number of rules in that branch (only the direct descendants, not the nested rules). If no number is displayed, then that branch is "virtual" — it is used only for grouping similar sub-branches.
Branches with no rules available for the user (according to the privilege model) are automatically hidden .
In each branch, the user can look through the list of rules attached to it. To switch over to the page with the rule list, click on the description of the corresponding branch.
The rules within a branch are grouped by the point field. The rules that affect the entire request, rather than individual parameters, are grouped together into one line. To see the entire list, click on the line.
For each rule, the system displays the following parameters: last modified time, quantity, types, and point.
You can create rules with specified action but not linked to any endpoint - they are called default rules. Such rules are applied to all endpoints.
To create default rule, follow the standard procedure but leave URI blank. The new rule not linked to any endpoint will be created.
To view the list of created default rules, click the Default rules button.
Traffic filtration mode default rule
Default rules are inherited by all branches.
Distinct and inherited rules¶
The rules are inherited down the rules branch. Principles:
All branches inherit default rules.
In a branch, child endpoints inherit rules from the parent.
Distinct has priority over inherited.
Directly specified has priority over regex.
Here are some details of how to work with the rules branch:
To expand the endpoint, click the blue circle.
Endpoints that do not have distinct rules are greyed out and not clickable.
To view rules for the endpoint, click it. First, distinct rules for this endpoint will be displayed.
When viewing the rule list for the specific endpoint, click Distinct and inherited rules to display the inherited ones. Inherited rules will be displayed together with the distinct; they will be greyed out compared to distinct.
API calls to get rules¶
To get custom rules, you can call the Wallarm API directly besides using the Wallarm Console UI. Below are some examples of the corresponding API calls.
Get all configured rules
Get only conditions of all rules
Get rules attached to a specific condition
To point to a specific condition, use its ID - you can get it when requesting conditions of all rules (see above).