The tool for importing DAST results into the Avi Load Balancer is written in the Python language. It can be run with the following command line example.
You can use the following format for python:
avi-iwaf-vpatch.py PARAMETERS FILENAME
.
The PARAMETERS
are as follows:
-c — hostname or IP address of the Avi Load Balancer Controller to connect to.
-u — username to log in to Controller.
-p — password.
-t — tenant.
-g — (optional) WAF Policy PSM group name.
-v — verbose output.
-f — force apply changes.
FILENAME
is a DAST
scan output in XML
format.
When you run the script without -f
option, the system only prints what it would do. Only after –force
is set, the system attempts to connect to the Avi Load BalancerController and write WAF Policy. If group name is not specified using -g
, the system creates a group named zap or qualysweb, depending on the scanner being used. Scanner type is auto detected based on the XML file format.
Example
python ./avi-iwaf-vpatch.py -c 127.0.0.1 -g zap_group ./zap_results.xml --verbose