Duplicate matches in output
Anilm3 opened this issue · 0 comments
Anilm3 commented
The WAF is producing multiple duplicate matches for certain rules within the same flow.
[
{
"rule": {
"id": "nfd-000-002",
"name": "Detect failed attempt to fetch readme files",
"tags": {
"type": "security_scanner",
"category": ""
}
},
"rule_matches": [
{
"operator": "match_regex",
"operator_value": "^404$",
"parameters": [
{
"address": "server.response.status",
"key_path": [],
"value": "404",
"highlight": [
"404"
]
}
]
},
{
"operator": "match_regex",
"operator_value": "^404$",
"parameters": [
{
"address": "server.response.status",
"key_path": [],
"value": "404",
"highlight": [
"404"
]
}
]
},
{
"operator": "match_regex",
"operator_value": "readme\\.[\\.a-z0-9]+$",
"parameters": [
{
"address": "server.request.uri.raw",
"key_path": [],
"value": "/readme.txt",
"highlight": [
"readme.txt"
]
}
]
}
]
}
]