FalsePositiveResult
{
"attack": false,
"confidence": "number",
"false_positive": false,
"fp_result_header": {
"end_analysis_time": "string",
"first_data_received_time": "string",
"last_data_received_time": "string",
"start_analysis_time": "string",
"transactions_count": 0
},
"http_method": "string",
"http_request_header_info": {
"header_field_name": "string",
"value": "string"
},
"params_info": {
"param_info": [
{
"param_name": "string",
"value": "string"
}
]
},
"rule_info": {
"matches": [
{
"match_element": "string",
"match_value": "string"
}
],
"rule_group_id": "string",
"rule_id": "string"
},
"uri": "string",
"uri_result_mode": "string"
}
This flag indicates whether this result is identifying an attack. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
Confidence on false positive detection. Allowed values are 0-100. Field introduced in 21.1.1. Unit is PERCENT. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
This flag indicates whether this result is identifying a false positive. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
HTTP method for URIs did false positive detection. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
URIs did false positive detection. Field introduced in 21.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.
What failing mode that false positive detected as for current URI. Enum options - ALWAYS_FAIL, SOMETIMES_FAIL, NOT_SURE. Field introduced in 22.1.1. Allowed in Enterprise edition with any value, Enterprise with Cloud Services edition.