fw sam_policy get
Description
The "fw sam_policy get" and "fw6 sam_policy get" commands:
-
Show all the configured Suspicious Activity Monitoring (SAM) rules.
-
Show all the configured Rate Limiting rules.
|
Notes:
|
|
Best Practice - The SAM Policy rules consume some CPU resources on Security Gateway. Set an expiration for rules that gives you time to investigate, but does not affect performance. Keep only the required SAM Policy rules. If you confirm that an activity is risky, edit the Security Policy Collection of rules that control network traffic and enforce organization guidelines for data protection and access to resources with packet inspection., educate users, or otherwise handle the risk. |
Syntax for IPv4
|
Syntax for IPv6
|
Parameters
Note - All these parameters are optional.
Parameter |
Description |
||
---|---|---|---|
|
Runs the command in debug mode. Use only if you troubleshoot the command itself.
|
||
|
Controls how to print the rules:
|
||
|
Prints the rule specified by its Rule UID or its zero-based rule index. The quote marks and angle brackets ('<...>') are mandatory. |
||
|
Prints the rules with the specified predicate key. The quote marks are mandatory. |
||
|
Prints the rules with the specified predicate type. For Rate Limiting rules, you must always use " |
||
|
Prints the rules with the specified predicate values. The quote marks are mandatory. |
||
|
Negates the condition specified by these predicate parameters:
|
Examples
[Expert@HostName:0]# fw samp get operation=add uid=<5ac3965f,00000000,3403a8c0,0000264a> target=all timeout=300 action=notify log=log name=Test\ Rule comment=Notify\ about\ traffic\ from\ 1.1.1.1 originator=John\ Doe src_ip_addr=1.1.1.1 req_tpe=ip |