The following is an example of a JSON document describing a valid HTTP detection.
{
"detection_type": "http dialog",
"api_version": 1,
"trigger_type": "service", // may also be "virtual host"
"title": "custom XSS detection",
"dialog": [
{
"transaction": "http get",
"object": "/cgi-bin/no5_such3_file7.pl?\"><script>alert(73541);</script>"
},
{
"transaction": "process",
"mode": "regexp",
"match": "\"><script>alert\\(73541\\);</script>"
},
{
"transaction": "report",
"result": "XSS found"
}
]
}
The following is an example of a JSON document with a TCP detection that uses Lua functions from the Lua library. Learn more
{
"detection_type": "tcp dialog",
"api_version": 1,
"trigger_type": "service",
"services": ["microsoft-ds"],
"title": "test check 2",
"dialog": [
{
"transaction": "send",
"data": {"call": {"name": "qrdiuser_smb_create_v1_negotiate"}}
},
{
"transaction": "receive",
"mode": "call",
"name": "qrdiuser_smb_check"
},
{
"transaction": "process",
"mode": "call",
"name": "qrdiuser_smb_process_packet"
},
{
"transaction": "report",
"mode": "luapattern",
"result": {"user": "result"}
}
]
}