-
Notifications
You must be signed in to change notification settings - Fork 2.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Analytic Rules errors with Front Door Premium WAF - SQLi Detection and Front Door Premium WAF - XSS Detection #10495
Comments
Hi @cyb3n3tic, |
Great, thank you @v-rusraut |
Hi @cyb3n3tic, |
Hey @cyb3n3tic, Based on your provided issue description and screenshots, it looks the required columns does not get created, which defined into the Rule. So, can you check the AzureDiagnostics table schema or share schema with us, to check those columns are get created or not. Thanks! |
Thanks @v-sudkharat - I will follow up on this shortly. Not sure why columns would be missing/not created though? |
@cyb3n3tic, Great. Please let us know once it done. Thanks! |
Hi @cyb3n3tic, |
Sorry @v-rusraut , I am currently away so won't be able to follow up for another two weeks |
Describe the bug
It appears that it is not possible to create analytics rules for either Front Door Premium WAF - SQLi Detection or Front Door Premium WAF - XSS Detection. (I assume these can be used with only Application Gateway?)
When defining the rule logic, the pre-populated rule query throws errors as indicated below.
The name 'details_msg_s' does not refer to any known column, table, variable or function.(KS142)
The name 'trackingReference_s' does not refer to any known column, table, variable or function.(KS142)
The name 'details_matches_s' does not refer to any known column, table, variable or function.(KS142)
The column 'trackingReference_s' must exist on both sides of the join.(KS145)
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The rule query generated should be valid with no errors
Screenshots
Screenshots attached
Additional context
Running Application Gateway with WAF, FrontDoor not in use but assume this should work as Data sources listed are Application Gateways and appear valid in that respect, I have not found any application gateway WAF specific templates?
I have used some other templates such as App GW WAF - Path Traversal Attack without problem but not seeing App GW WAF - SQLi or XSS - I assume those templates lised for Front Door Premium should work, or is that not the case?
Appreciate some guidance.
The text was updated successfully, but these errors were encountered: