Link11 WAAP
v5
v5
  • Link11 WAAP Documentation
  • Release Notes
  • Known Issues
  • User Guide
    • Introduction to Link11 WAAP
  • How Link11 WAAP Works
    • Traffic Filtering Process
    • Traffic Reporting and Analytics
    • Policy Mapping and Traffic Routing
    • Tagging
    • UI Overview and Common Elements
  • Console UI Walkthrough
    • Analytics
      • Dashboard
      • Events Log
    • Security
      • Global Filters
      • Flow Control Policies
      • Security Policies
      • Rate Limit Rules
      • ACL Profiles
      • Actions
      • Dynamic Rules
      • Quarantined
      • Content Filter
        • Content Filter Profiles
        • Content Filter Rules
    • Sites
      • Server Groups
      • Proxy Templates
      • Mobile Application Groups
      • Backend Services
      • Edge Functions
      • DNS Records
      • SSL
        • Load Balancers
        • Certificates
    • System
      • Interactive Challenge
      • SSO Configuration
      • Purge CDN Cache
      • Users Management
      • Security Alerts
      • Log Exporters
      • Version Control
      • System DB
      • Publish Changes
    • Account
  • Using the product
    • Best Practices
      • Saving and Publishing Your Changes
      • Enabling Passive Challenges
      • Understanding and Diagnosing Traffic Issues
    • How Do I...
      • Authenticate mobile app users
      • Ban, unban, and allowlist traffic sources
      • Bypass Link11 WAAP for loadtesting or other purposes
      • Configure a new path/section of a site
      • Control caching behavior
      • Enable GraphQL traffic
      • Enable mTLS (mutual TLS)
      • Protect sensitive information in logs and analytics
      • Quickly block an attacker
      • Redirect or block HTTP traffic
      • Run custom code
      • Set rate limits and exemptions
      • Stream event data to a SIEM solution or other destination
    • The Link11 WAAP API
      • Overview
      • Internal data structures
      • Using Swagger UI
      • Using curl
  • Reference Information
    • Acronyms
    • API
      • API access to traffic data
      • Types of namespaces
      • Namespace reference
        • ACL Profiles
        • Actions
        • Backend Services
        • Certificates
        • Configs
        • Content Filter Profiles
        • Content Filter Rules
        • Data queries
        • Dynamic Rules
        • Edge Functions
        • Flow Control Policies
        • Global Filters
        • Load Balancers
        • Log Exporters
        • Mobile Application Groups
        • Planets
        • Proxy Templates
        • Rate Limit Rules
        • Security Alerts
        • Security Policies
        • Server Groups
        • Tags
        • Tools
        • Users
    • Hostile Bot Detection / LWCSI
      • Environmental detection and browser verification
      • Client authentication
      • Biometric behavioral verification
    • HTTP Response Codes
    • Log Exporter Output
    • Pattern Matching Syntax
    • Query Filter Syntax and Best Practices
  • Support
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Reference Information

Pattern Matching Syntax

used for specifying matching conditions

PreviousLog Exporter OutputNextQuery Filter Syntax and Best Practices

Last updated 1 month ago

Was this helpful?

Within the Link11 WAAP interface, there are several features that require matching conditions to be specified.

The text boxes accept strings or PCRE (Perl Compatible Regular Expressions). If you are unsure of PCRE syntax, you can test your expression at sites such as , which will show you how it will be parsed.

Below are some examples of syntax for specifying matching patterns.

Functionality

Syntax

Remarks

Match /Images/ or /images/ or /IMAGES/

~* /images/

Case insensitive, regular expression matching.

Match URLs that ends with .DOC or .PDF

~ \.(DOC|PDF)$

Case sensitive, regular expression matching.

Match URLs that ends with .gif or .jpg

~* \.(gif|jpg)$

Case insensitive, regular expression matching.

Match exact URL, e.g. Root / or /admin

= / or = /admin

Searching stops immediately (this match is top priority).

Match all URLs starting with /documents/

/documents/

System will continue search for a regular expression match. This will be matched only if none will be found.

Prioritize URLs starting with /documents/

^~ /documents/

^~ means - match and halt searching, i.e. regular expressions will not be checked.

Match 'entire site' (anything else)

/

Matches any URL since all begins with "/". However, regular expressions and longer entries will take priority.

A common pattern is for matching all static content. This pattern in full is:

~* \.(gcur|htc|aif|aiff|au|avi|bin|bmp|cab|cct|cdf|class|doc|dcr|dtd|exe|flv|gcf|gff|gif|grv|hdml|hqx|ico|ini|jpeg|jpg|js|mov|mp3|nc|pct|pdf|png|ppc|pws|swa|swf|txt|vbs|w32|wav|wbmp|wml|wmlc|wmls|xsd|zip|webp|jxr|hdp|wdp|bz2|map|ttf|ttc|otf|eot|woff|css)$

https://regex101.com