Published a year ago
ernesto
Updated a year ago
0
Hi, is it possible to create custom rules for detection and alerting? Currently I only see Allow/Deny rules.
Thanks,
Brr Brr Patapim
Carrie
Updated a year ago
0
In Rate Limiting, you can set up block or challenge rules when it triggers the limit you customize.
In BOT PROTECT & Auth for each app, you can also set specific rules to trigger anti-bot challenge or Authentication.
Are there any other detection rules you want to configure?
Notification/Alerting rules can be configured here (like the image below)
ernesto
Updated a year ago
0
Good morning, thank you for your comprehensive answer.
I wanted to know how to create custom detection rules that do not break the connection but trigger an alert, so that the WAF operates in “passthrough” mode.
Thanks.
Carrie
Updated a year ago
First, if you want to log but allow all attack requests for a specific application, you can switch the detection mode from “Defense” to “Audited”.
Audited mode means the attack will be logged but not blocked. And an alert will be pushed to you as long as you have enabled attack notification.
Carrie
Updated a year ago
0
Second, if you want to allow but still log attack requests when certain conditions are met, there is an option in the allow rule settings:
“Continue to detect and log attack requests even when whitelisting.”
If you check this option, the system will still log and alert on attacks, even though the requests are allowed through.
If I misunderstood your use case, please give a specific example to clarify.
ernesto
Updated a year ago
0
Thank you for the timely responses.
I am currently testing SafeLine and wanted to ask if there are specific rules for brute-force attack detection, and if it is possible to filter events by response code type.
I hope I was clear; in any case, I remain available for further information.
Thank you.
Carrie
Updated a year ago
The status code for blocked events in SafeLine is always 403.
For brute-force attacks, you can set up some rules, e.g. rate limiting based on response status codes; a deny rule when the user-agent matches "curl/" or "python-requests/" and path = /login; an anti-bot challenge, etc.
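To make the two rule ideas in the reply above concrete for anyone evaluating them, here is a small added example that is not SafeLine code and not part of this thread: it applies the same logic offline to a few constructed access-log lines. The log format, the `/login` path, the 60-second window and the threshold of 5 are assumptions for the illustration; the 401/403 statuses reflect that blocked events are returned as 403, as stated above.

```python
from collections import defaultdict, deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Record:
    ts: int          # epoch seconds
    ip: str          # client address
    method: str
    path: str
    status: int      # HTTP response status returned to the client
    user_agent: str


# Constructed sample log lines (hypothetical format, not real WAF output):
# "<epoch_seconds> <client_ip> <method> <path> <status> <user_agent>"
SAMPLE_LOG = """\
1700000000 203.0.113.5 POST /login 401 Mozilla/5.0
1700000002 203.0.113.5 POST /login 401 Mozilla/5.0
1700000004 203.0.113.5 POST /login 401 Mozilla/5.0
1700000006 203.0.113.5 POST /login 401 Mozilla/5.0
1700000008 203.0.113.5 POST /login 401 Mozilla/5.0
1700000010 198.51.100.7 POST /login 401 Mozilla/5.0
1700000100 198.51.100.7 POST /login 401 Mozilla/5.0
1700000012 192.0.2.9 POST /login 200 curl/8.4.0
1700000013 192.0.2.9 GET /about 200 curl/8.4.0
1700000014 203.0.113.5 GET /index 200 python-requests/2.31
"""


def parse_log(text):
    """Parse the constructed log format into Record objects."""
    records = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        ts, ip, method, path, status, ua = line.split(maxsplit=5)
        records.append(Record(int(ts), ip, method, path, int(status), ua))
    return records


def failed_login_bursts(records, statuses=(401, 403), window=60, threshold=5):
    """Rate limit keyed on response status: flag a client that receives
    `threshold` or more failure statuses on /login within `window` seconds.
    Returns {client_ip: epoch_seconds_of_first_trigger}."""
    recent = defaultdict(deque)   # per-client sliding window of timestamps
    alerts = {}
    for r in sorted(records, key=lambda rec: rec.ts):
        if r.path != "/login" or r.status not in statuses:
            continue
        q = recent[r.ip]
        q.append(r.ts)
        while q and r.ts - q[0] >= window:   # drop hits outside the window
            q.popleft()
        if len(q) >= threshold:
            alerts.setdefault(r.ip, r.ts)    # keep the first trigger time
            q.clear()                        # one alert per burst
    return alerts


TOOL_UA_PREFIXES = ("curl/", "python-requests/")


def tool_login_attempts(records, prefixes=TOOL_UA_PREFIXES, path="/login"):
    """Deny-rule equivalent: requests to the login path whose user-agent
    starts with one of the scripted-client prefixes from the reply above."""
    return [(r.ip, r.user_agent) for r in records
            if r.path == path and r.user_agent.startswith(prefixes)]


if __name__ == "__main__":
    recs = parse_log(SAMPLE_LOG)
    print("rate-limit triggers:", failed_login_bursts(recs))
    print("tool user-agents on /login:", tool_login_attempts(recs))
```

The window is evaluated per client and cleared once it triggers, so a sustained attempt produces one alert per burst rather than one per request; in audited mode that is the event you would want pushed as a notification rather than a block.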