CLI Reference

config security waf dlp-sensors

Use this command to configure a DLP Sensor object to use in a DLP Policy. A DLP Sensor defines which dictionaries to check. You can match any dictionary or all dictionaries. It can also count the number of dictionary matches to trigger the sensor.

Before you begin:
  • You must have a valid FortiGuard DLP service license and have enabled the service on FortiADC.
  • Configure a DLP Dictionary object. For details, see config security waf dlp-dictionary.

Syntax

config security waf dlp-sensors
  edit <name>
    set match-type {any|all}
    set description <string>
    config entries
      edit <name>
        set status {enable|disable}
        set dlp-dictionary <datasource>
        set count <integer>
      next
    end
  next
end

match-type

Select the match type:

  • any — Data meeting the criteria specified by any one of the dictionaries will be identified as a match.

  • all — Data meeting the criteria specified by all dictionaries will be identified as a match.

description

Comments about this DLP Sensor object.

config entries

status

Enable the Status if you intend to apply this sensor.

dlp-dictionary

Specify a DLP Dictionary object.

count

Specify the occurrence threshold for the dictionary match. The sensor is triggered when the number of dictionary matches reaches the specified value. Default: 1. Range: 1-255.

For example, if the dictionary applies to credit card numbers and the count is set to 4, the sensor is triggered when a credit card number occurs four times in the HTTP request or response.

Example

config security waf dlp-sensors
  edit "user-defined-sensor1"
    set match-type any
    set description "User Defined DLP Sensor 1"
    config entries
      edit 1
        set status enable
        set dlp-dictionary can-natl_id-pk
        set count 1
      next
    end
  next
end
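
The following Python sketch is an added example, not part of the FortiADC documentation or Fortinet code. It parses a sensor definition and models the match-type and count behaviour described above, so you can check which combinations of dictionary hits would trigger a sensor. The sensor name pii-and-bank, the sample configuration, and the treatment of disabled entries and of an unset match-type are assumptions.

```python
# Constructed sample (not from the FortiADC documentation); dictionary names come from this page.
SAMPLE = """config security waf dlp-sensors
edit "pii-and-bank"
set match-type all
config entries
edit 1
set status enable
set dlp-dictionary can-natl_id-sin-dict
next
edit 2
set status enable
set dlp-dictionary can-bank_account-dict
set count 3
next
edit 3
set status disable
set dlp-dictionary can-pass-dict
next
end
next
end"""

def parse_sensors(text):
    """Return {sensor name: {"match-type": ..., "entries": [entry, ...]}}."""
    sensors, sensor, target, nested = {}, None, None, False
    for tok in (line.split() for line in text.splitlines()):
        if tok[:2] == ["config", "entries"]:
            nested = True
        elif tok[:1] == ["end"]:
            nested, target = False, sensor
        elif tok[:1] == ["edit"] and nested:
            target = {"count": 1}  # documented default threshold
            sensor["entries"].append(target)
        elif tok[:1] == ["edit"]:
            sensor = target = sensors.setdefault(tok[1].strip('"'), {"entries": []})
        elif tok[:1] == ["set"]:
            value = " ".join(tok[2:]).strip('"')
            target[tok[1]] = int(value) if tok[1] == "count" else value
            if not 1 <= target.get("count", 1) <= 255:
                raise ValueError("count is outside the documented range 1-255")
    return sensors

def triggered(sensor, hits):
    """hits maps dictionary name -> matches seen in one HTTP request or response."""
    # Assumptions: disabled entries are skipped; an unset match-type acts as any.
    met = [hits.get(e["dlp-dictionary"], 0) >= e["count"]
           for e in sensor["entries"] if e.get("status") == "enable"]
    combine = all if sensor.get("match-type") == "all" else any
    return bool(met) and combine(met)
```

With match-type all, this sensor fires only when both enabled dictionaries reach their thresholds in the same request or response; switching to any lets a single match from the first dictionary fire it.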

Predefined DLP Sensor objects

You can use the following predefined DLP Sensor objects in Data Loss Prevention rules.

| Predefined DLP Sensor object | Match Type | Description | Dictionaries |
|---|---|---|---|
| can-hia | Any | Canadian Health Information Act (HIA) Sensor | can-pass-dict, can-natl_id-sin-dict, can-phin-dict, can-health_service-dict |
| can-pii | Any | Canadian Personal Identifiable Information (PII) Sensor | can-dl-dict, can-natl_id-sin-dict, can-pass-dict, can-health_service-dict, can-bank_account-dict, can-phin-dict |
| source_code | Any | Source Code Sensor | source_code-python, source_code-c, source_code-java |
