This section describes the steps to enable Bot Management through CLI.
The following are the steps to configure Bot using the CLI:
Procedure
- Bind the Bot detection policy to the virtual service.
- Add HTTP security policy to take the action on the classified Bot.
[admin:ctrl]:> configure virtualservice Bot-VS [admin:ctrl]: virtualservice> bot_policy_ref System-BotDetectionPolicy [admin:ctrl]: virtualservice> save
- Add HTTP security policy to take the action on the classified Bot.
[admin:ctrl]: > configure httppolicyset Demo [admin:ctrl]: httppolicyset> http_security_policy [admin:ctrl]: httppolicyset:http_security_policy> rules New object being created [admin:ctrl]: httppolicyset:http_security_policy:rules> name rule1 [admin:ctrl]: httppolicyset:http_security_policy:rules> match [admin:ctrl]: httppolicyset:http_security_policy:rules:match> [admin:ctrl]: httppolicyset:http_security_policy:rules:match> bot_detection_result match_operation is_in [admin:ctrl]: httppolicyset:http_security_policy:rules:match:bot_detection_result> [admin:ctrl]: httppolicyset:http_security_policy:rules:match:bot_detection_result> classifications New object being created [admin:ctrl]: httppolicyset:http_security_policy:rules:match:bot_detection_result:classifications> type dangerous_bot [admin:ctrl]: httppolicyset:http_security_policy:rules:match:bot_detection_result:classifications> [admin:ctrl]: httppolicyset:http_security_policy:rules:match:bot_detection_result:classifications> save [admin:ctrl]: httppolicyset:http_security_policy:rules:match:bot_detection_result> save [admin:ctrl: httppolicyset:http_security_policy:rules:match> save [admin:ctrl]: httppolicyset:http_security_policy:rules> action [admin:ctrl]: httppolicyset:http_security_policy:rules:action> action http_security_action_close_conn [admin:ctrl]: httppolicyset:http_security_policy:rules:action> save [admin:ctrl]: httppolicyset:http_security_policy:rules> save [admin:ctrl]: httppolicyset:http_security_policy> save [admin:ctrl]: httppolicyset> save
Note:For each of the default objects in the system, the admin can supply their own logic that takes precedence.
System-BotConfigConsolidator - Custom consolidation script
System-BotMapping - Custom mapping
System-BotIPReputationTypeMapping - Custom mapping
Creating the customized
botdetectionpolicy
,botmapping
,botconfigconsolidator
and so on is supported. However, if you need to custom any of these, you can contact the Support team. To learn about the support options available for you, visit the VMware Support Offerings and Services page.