Hello, thanks for the answer.
The value of the UUID requests are different, which is why I can't rule this type.
What I need is to see the requests when there are 3 occurrences from the same UUID value, something similar to this rule:
Original Message:
Sent: 12-13-2022 03:56
From: Ciphertech Supports
Subject: Number of Occurrences request
Hi,
You can refer to this option "HTTP Request".
------------------------------
Ciphertech Supports
Security Manager
CipherTech Co., Ltd
Taipei
Original Message:
Sent: 12-11-2022 22:19
From: Jorge Luis Santamaria Silupu
Subject: Number of Occurrences request
Hi guys.
I want to make a policy to match all "UUID" requests that have more than 3 match numbers. How could I do it?
I see that there is an option for number of occurrences however it only has for four requests: Originating Session, Server Group, Source IP and User.
#On-PremisesWAF(formerlySecuresphere)