Fortinet 196 FortiWeb 5.0 Patch 6 Administration Guide
See also
•Removing old auto-learning data
•Using the report navigation pane
•Configuring an auto-learning profile
•Generating a profile from auto-learning data
Generating a profile from auto-learning dataWhen viewing a report generated from auto-learning data, you can generate an inline protection
profile or an offline protection profile suitable for the HTTP sessions observed. If some observed
sessions are not indicative of typical traffic and you do not want to include elements in the
generated profile, or you want to select an action other than the default for a type of observed
attack, you can selectively change the action for that type of attack.
In addition to the generated profile itself, the FortiWeb appliance also generates all rules and
other auxiliary configurations that the profile depends upon.
For example, if the FortiWeb appliance observed HTTP PUT requests with required parameters
of a password and a user name that is an email address, when generating a profile, it would also
generate the parameter validation rules and input rules that the profile requires, using the data
types and maximum lengths of the arguments observed in the HTTP sessions.
Generated profiles and auxiliary configurations are editable. You can adjust them or use them as
the basis for additional configuration.
To configure a profile using auto-learning data
1. Go to Auto Learn > Auto Learn Report > Auto Learn Report.
To access this part of the web UI, your administrator’s account access profile must have
Read and Write permission to items in the Autolearn Configuration category. For details, see
“Permissions” on page 47.
2. Mark the check box in the row corresponding to the auto-learning profile whose data you
want to view.
3. Click View.
The report appears.
4. Review the configuration suggestions from auto-learning.
If you want to adjust the behavior of the profile and components that you will generate, in the
left-hand pane, click the expand icon ( + ) next to items to expand the tree, then click the
name of the single URL whose protection you want to manually configure.