filters
Syntax
filters {
age-of-attack
{
greater-than value;
less-than value;
}
category (Security Dynamic Attack Group) {
values [ values];
}
cvss-score
{
greater-than value;
less-than value;
}
direction {
expression (and | or);
values [any client-to-server exclude-any exclude-client-to-server exclude-server-to-client server-to-client];
}
false-positives {
values [frequently occasionally rarely unknown];
}
file-type {
values [ values ];
}
performance {
values [fast normal slow unknown];
}
recommended;
service {
values [service-value];
}
severity {
values [critical info major minor warning];
}
type {
values [anomaly signature];
}
vendor name {
product-name product-name;
}
vulnerability-type {
values [ values ];
}
}
Hierarchy Level
[edit security idp dynamic-attack-group dynamic-attack-group-name]
Description
To create a dynamic attack group, set the criteria using different types of filters.
Options
The remaining statements are explained separately. See CLI Explorer.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release
9.3. The expression option added in Junos OS Release 11.4.
Additional tags under filters of dynamic attack groups (CVSS score, age-of-attack, file-type, vulnerability-type) are added in Junos OS Release 18.2R1 for dynamic attacks grouping of IDP signatures. The Product and Vendor tags are already supported under existing filter products. The CLI interface for configuring these tags is more user friendly, with possible completions being available for configuration in 18.2R1.