Set evaluation mode

Kona Site Defender, App & API Protector with the Advanced Security module Evaluation mode runs concurrently with your existing Web Application Firewall Rule settings and records how the rules would respond if they were applied to live traffic. The default action for evaluation rules is alert. Unlike other POST or PUT actions, this request object supports values other than enabled or disabled. Use START to begin evaluation mode. An evaluation period lasts four weeks unless you stop the evaluation. Once you begin, the rules you evaluate will respond to traffic as if they are your current rules. However, instead of taking an action the evaluation rules will log which action they would have taken if they were your active rules and not a test of future rules. Use STOP to end the evaluation before it completes on its own, and not upgrade your rules. Use RESTART to start an evaluation you previously stopped, or one that has expired. Use COMPLETE to stop your in-progress evaluation and automatically upgrade your existing KRS rules to the rule set you just evaluated. Use UPDATE to upgrade to the newest available version of evaluation rules. A request value of START, RESTART, or COMPLETE returns an eval value of enabled. A request value of STOP or UPDATE returns an eval value of disabled. If you're using Adaptive Security Engine, pass eval as usual, and add "mode": "ASE_AUTO" or ASE_MANUAL in your request. If you're using Kona Rule Sets, continue to pass only the eval value.

Path Params
string
required

A unique identifier for a security policy.

integer
required

A unique identifier for each version of a configuration.

int64
required

A unique identifier for each configuration.

Query Params
string

For customers who manage more than one account, this runs the operation from another account. The Identity and Access Management API provides a list of available account switch keys.

Body Params

Contains setting for eval mode action.

string
enum
required

Set eval to start, stop, restart, complete, or update to manage the evaluation of new rules you want to test before you upgrade. If you set eval to start, restart, or update, the response object will have an eval value of enabled. The value is disabled for requests of stop or complete. For more information see Set evaluation mode.

Allowed:
string
enum

Optionally lets you specify between two Adaptive Security Engine (ASE) rule set types. Use ASE_AUTO for automatic updates to the ASE evaluation rules, or ASE_MANUAL to manually retrieve current evaluation rules. When not specified, the mode uses default settings. For a KRS 1.0 policy, that means using the KRS 1.0 rule set.

Allowed:
Headers
string
enum
Defaults to application/json

Generated from available response content types

Allowed:
Responses

Language
URL
LoadingLoading…
Response
Choose an example:
application/json
application/problem+json