STATE_DISABLED STATE_ENABLED ANOMALY_TPS_BASED ANOMALY_LATENCY_BASED OPERATION_MODE_UNKNOWN OPERATION_MODE_OFF OPERATION_MODE_TRANSPARENT OPERATION_MODE_BLOCKING NETWORK_ATTACK_VECTOR_UNKNOWN NETWORK_ATTACK_VECTOR_TCP_SYN_FLOOD NETWORK_ATTACK_VECTOR_TCP_RST_FLOOD NETWORK_ATTACK_VECTOR_UDP_FLOOD STATISTIC_NO_NODE_ERRORS STATISTIC_MINIMUM_CONNECTION_DURATION STATISTIC_MEAN_CONNECTION_DURATION STATISTIC_MAXIMUM_CONNECTION_DURATION STATISTIC_TOTAL_REQUESTS STATISTIC_TOTAL_PVA_ASSISTED_CONNECTIONS STATISTIC_CURRENT_PVA_ASSISTED_CONNECTIONS STATISTIC_TIMEOUTS STATISTIC_COLLISIONS STATISTIC_DROPPED_PACKETS_IN STATISTIC_DROPPED_PACKETS_OUT STATISTIC_DROPPED_PACKETS_TOTAL STATISTIC_ERRORS_IN STATISTIC_ERRORS_OUT STATISTIC_TM_TOTAL_CYCLES STATISTIC_TM_IDLE_CYCLES STATISTIC_TM_SLEEP_CYCLES STATISTIC_MAINTENANCE_MODE_DENIALS STATISTIC_VIRTUAL_ADDRESS_MAXIMUM_CONNECTION_DENIALS STATISTIC_VIRTUAL_SERVER_MAXIMUM_CONNECTION_DENIALS STATISTIC_VIRTUAL_SERVER_NON_SYN_DENIALS STATISTIC_NO_HANDLER_DENIALS STATISTIC_LICENSE_DENIALS STATISTIC_CONNECTION_FAILED_MEMORY_ERRORS STATISTIC_ACTIVE_CPU_COUNT STATISTIC_MULTI_PROCESSOR_MODE STATISTIC_MEMORY_TOTAL_BYTES STATISTIC_MEMORY_USED_BYTES STATISTIC_IP_TRANSMITTED_PACKETS STATISTIC_IP_RECEIVED_PACKETS STATISTIC_IP_DROPPED_PACKETS STATISTIC_IP_TRANSMITTED_FRAGMENTS STATISTIC_IP_DROPPED_TRANSMITTED_FRAGMENTS STATISTIC_IP_RECEIVED_FRAGMENTS STATISTIC_IP_DROPPED_RECEIVED_FRAGMENTS STATISTIC_IP_REASSEMBLED_PACKETS STATISTIC_IP_INVALID_CHECKSUM_ERRORS STATISTIC_IP_INVALID_LENGTH_ERRORS STATISTIC_IP_MEMORY_ERRORS STATISTIC_IP_RETRANSMITTED_ERRORS STATISTIC_IP_INVALID_PROTOCOL_ERRORS STATISTIC_IP_OPTIONS_ERRORS STATISTIC_IP_REASSEMBLED_TOO_LONG_ERRORS STATISTIC_IPV6_TRANSMITTED_PACKETS STATISTIC_IPV6_RECEIVED_PACKETS STATISTIC_IPV6_DROPPED_PACKETS STATISTIC_IPV6_TRANSMITTED_FRAGMENTS STATISTIC_IPV6_DROPPED_TRANSMITTED_FRAGMENTS STATISTIC_IPV6_RECEIVED_FRAGMENTS STATISTIC_IPV6_DROPPED_RECEIVED_FRAGMENTS STATISTIC_IPV6_REASSEMBLED_PACKETS STATISTIC_IPV6_INVALID_CHECKSUM_ERRORS STATISTIC_IPV6_INVALID_LENGTH_ERRORS STATISTIC_IPV6_MEMORY_ERRORS STATISTIC_IPV6_RETRANSMITTED_ERRORS STATISTIC_IPV6_INVALID_PROTOCOL_ERRORS STATISTIC_IPV6_OPTIONS_ERRORS STATISTIC_IPV6_REASSEMBLED_TOO_LONG_ERRORS STATISTIC_ICMP_TRANSMITTED_PACKETS STATISTIC_ICMP_RETRANSMITTED_PACKETS STATISTIC_ICMP_RECEIVED_PACKETS STATISTIC_ICMP_FORWARDED_PACKETS STATISTIC_ICMP_DROPPED_PACKETS STATISTIC_ICMP_INVALID_CHECKSUM_ERRORS STATISTIC_ICMP_INVALID_LENGTH_ERRORS STATISTIC_ICMP_MEMORY_ERRORS STATISTIC_ICMP_RETRANSMITTED_ERRORS STATISTIC_ICMP_INVALID_PROTOCOL_ERRORS STATISTIC_ICMP_OPTIONS_ERRORS STATISTIC_ICMP_OTHER_ERRORS STATISTIC_ICMPV6_TRANSMITTED_PACKETS STATISTIC_ICMPV6_RETRANSMITTED_PACKETS STATISTIC_ICMPV6_RECEIVED_PACKETS STATISTIC_ICMPV6_FORWARDED_PACKETS STATISTIC_ICMPV6_DROPPED_PACKETS STATISTIC_ICMPV6_INVALID_CHECKSUM_ERRORS STATISTIC_ICMPV6_INVALID_LENGTH_ERRORS STATISTIC_ICMPV6_MEMORY_ERRORS STATISTIC_ICMPV6_RETRANSMITTED_ERRORS STATISTIC_ICMPV6_INVALID_PROTOCOL_ERRORS STATISTIC_ICMPV6_OPTIONS_ERRORS STATISTIC_ICMPV6_OTHER_ERRORS STATISTIC_UDP_OPEN_CONNECTIONS STATISTIC_UDP_ACCEPTED_CONNECTIONS STATISTIC_UDP_ACCEPT_FAILURES STATISTIC_UDP_ESTABLISHED_CONNECTIONS STATISTIC_UDP_CONNECTION_FAILURES STATISTIC_UDP_EXPIRED_CONNECTIONS STATISTIC_UDP_TRANSMITTED_DATAGRAMS STATISTIC_UDP_RECEIVED_DATAGRAMS STATISTIC_UDP_RECEIVED_MALFORMED_DATAGRAMS STATISTIC_UDP_RECEIVED_UNREACHABLE_ICMP_DATAGRAMS STATISTIC_UDP_RECEIVED_BAD_CHECKSUM_DATAGRAMS STATISTIC_UDP_RECEIVED_NO_CHECKSUM_DATAGRAMS STATISTIC_TCP_OPEN_CONNECTIONS STATISTIC_TCP_CLOSE_WAIT_CONNECTIONS STATISTIC_TCP_FIN_WAIT_CONNECTIONS STATISTIC_TCP_TIME_WAIT_CONNECTIONS STATISTIC_TCP_ACCEPTED_CONNECTIONS STATISTIC_TCP_ACCEPT_FAILURES STATISTIC_TCP_ESTABLISHED_CONNECTIONS STATISTIC_TCP_CONNECTION_FAILURES STATISTIC_TCP_EXPIRED_CONNECTIONS STATISTIC_TCP_ABANDONED_CONNECTIONS STATISTIC_TCP_RECEIVED_RESETS STATISTIC_TCP_RECEIVED_BAD_CHECKSUMS STATISTIC_TCP_RECEIVED_BAD_SEGMENTS STATISTIC_TCP_RECEIVED_OUT_OF_ORDER_SEGMENTS STATISTIC_TCP_RECEIVED_SYN_COOKIES STATISTIC_TCP_RECEIVED_BAD_SYN_COOKIES STATISTIC_TCP_SYN_CACHE_OVERFLOWS STATISTIC_TCP_RETRANSMITTED_SEGMENTS STATISTIC_BYTES_IN STATISTIC_BYTES_OUT STATISTIC_PACKETS_IN STATISTIC_PACKETS_OUT STATISTIC_MULTICASTS_IN STATISTIC_MULTICASTS_OUT STATISTIC_EPHEMERAL_BYTES_IN STATISTIC_EPHEMERAL_BYTES_OUT STATISTIC_EPHEMERAL_PACKETS_IN STATISTIC_EPHEMERAL_PACKETS_OUT STATISTIC_EPHEMERAL_CURRENT_CONNECTIONS STATISTIC_EPHEMERAL_MAXIMUM_CONNECTIONS STATISTIC_EPHEMERAL_TOTAL_CONNECTIONS STATISTIC_CLIENT_SIDE_BYTES_IN STATISTIC_CLIENT_SIDE_BYTES_OUT STATISTIC_CLIENT_SIDE_PACKETS_IN STATISTIC_CLIENT_SIDE_PACKETS_OUT STATISTIC_CLIENT_SIDE_CURRENT_CONNECTIONS STATISTIC_CLIENT_SIDE_MAXIMUM_CONNECTIONS STATISTIC_CLIENT_SIDE_TOTAL_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_BYTES_IN STATISTIC_PVA_CLIENT_SIDE_BYTES_OUT STATISTIC_PVA_CLIENT_SIDE_PACKETS_IN STATISTIC_PVA_CLIENT_SIDE_PACKETS_OUT STATISTIC_PVA_CLIENT_SIDE_CURRENT_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_MAXIMUM_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_TOTAL_CONNECTIONS STATISTIC_SERVER_SIDE_BYTES_IN STATISTIC_SERVER_SIDE_BYTES_OUT STATISTIC_SERVER_SIDE_PACKETS_IN STATISTIC_SERVER_SIDE_PACKETS_OUT STATISTIC_SERVER_SIDE_CURRENT_CONNECTIONS STATISTIC_SERVER_SIDE_MAXIMUM_CONNECTIONS STATISTIC_SERVER_SIDE_TOTAL_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_BYTES_IN STATISTIC_PVA_SERVER_SIDE_BYTES_OUT STATISTIC_PVA_SERVER_SIDE_PACKETS_IN STATISTIC_PVA_SERVER_SIDE_PACKETS_OUT STATISTIC_PVA_SERVER_SIDE_CURRENT_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_MAXIMUM_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_TOTAL_CONNECTIONS STATISTIC_PACKET_FILTER_HITS STATISTIC_STREAM_REPLACEMENTS STATISTIC_ONECONNECT_CURRENT_IDLE_CONNECTIONS STATISTIC_ONECONNECT_MAXIMUM_IDLE_CONNECTIONS STATISTIC_ONECONNECT_TOTAL_REUSES STATISTIC_ONECONNECT_NEW_CONNECTIONS STATISTIC_RATE_CLASS_BYTES_AT_BASE_RATE STATISTIC_RATE_CLASS_BYTES_DURING_BURST STATISTIC_RATE_CLASS_BYTES_DROPPED STATISTIC_RATE_CLASS_BYTES_QUEUED STATISTIC_RATE_CLASS_BYTES_PER_SEC STATISTIC_RULE_FAILURES STATISTIC_RULE_ABORTS STATISTIC_RULE_TOTAL_EXECUTIONS STATISTIC_RULE_AVERAGE_CYCLES STATISTIC_RULE_MAXIMUM_CYCLES STATISTIC_RULE_MINIMUM_CYCLES STATISTIC_HTTP_COOKIE_PERSIST_INSERTS STATISTIC_HTTP_2XX_RESPONSES STATISTIC_HTTP_3XX_RESPONSES STATISTIC_HTTP_4XX_RESPONSES STATISTIC_HTTP_5XX_RESPONSES STATISTIC_HTTP_TOTAL_REQUESTS STATISTIC_HTTP_GET_REQUESTS STATISTIC_HTTP_POST_REQUESTS STATISTIC_HTTP_V9_REQUESTS STATISTIC_HTTP_V10_REQUESTS STATISTIC_HTTP_V11_REQUESTS STATISTIC_HTTP_V9_RESPONSES STATISTIC_HTTP_V10_RESPONSES STATISTIC_HTTP_V11_RESPONSES STATISTIC_HTTP_MAXIMUM_KEEPALIVE_REQUESTS STATISTIC_HTTP_BUCKET_1K_RESPONSES STATISTIC_HTTP_BUCKET_4K_RESPONSES STATISTIC_HTTP_BUCKET_16K_RESPONSES STATISTIC_HTTP_BUCKET_32K_RESPONSES STATISTIC_HTTP_BUCKET_64K_RESPONSES STATISTIC_HTTP_PRE_COMPRESSION_BYTES STATISTIC_HTTP_POST_COMPRESSION_BYTES STATISTIC_HTTP_NULL_COMPRESSION_BYTES STATISTIC_HTTP_HTML_PRE_COMPRESSION_BYTES STATISTIC_HTTP_HTML_POST_COMPRESSION_BYTES STATISTIC_HTTP_CSS_PRE_COMPRESSION_BYTES STATISTIC_HTTP_CSS_POST_COMPRESSION_BYTES STATISTIC_HTTP_JS_PRE_COMPRESSION_BYTES STATISTIC_HTTP_JS_POST_COMPRESSION_BYTES STATISTIC_HTTP_XML_PRE_COMPRESSION_BYTES STATISTIC_HTTP_XML_POST_COMPRESSION_BYTES STATISTIC_HTTP_SGML_PRE_COMPRESSION_BYTES STATISTIC_HTTP_SGML_POST_COMPRESSION_BYTES STATISTIC_HTTP_PLAIN_PRE_COMPRESSION_BYTES STATISTIC_HTTP_PLAIN_POST_COMPRESSION_BYTES STATISTIC_HTTP_OCTET_PRE_COMPRESSION_BYTES STATISTIC_HTTP_OCTET_POST_COMPRESSION_BYTES STATISTIC_HTTP_IMAGE_PRE_COMPRESSION_BYTES STATISTIC_HTTP_IMAGE_POST_COMPRESSION_BYTES STATISTIC_HTTP_VIDEO_PRE_COMPRESSION_BYTES STATISTIC_HTTP_VIDEO_POST_COMPRESSION_BYTES STATISTIC_HTTP_AUDIO_PRE_COMPRESSION_BYTES STATISTIC_HTTP_AUDIO_POST_COMPRESSION_BYTES STATISTIC_HTTP_OTHER_PRE_COMPRESSION_BYTES STATISTIC_HTTP_OTHER_POST_COMPRESSION_BYTES STATISTIC_SSL_CACHE_CURRENT_ENTRIES STATISTIC_SSL_CACHE_MAXIMUM_ENTRIES STATISTIC_SSL_CACHE_OVERFLOWS STATISTIC_SSL_CIPHER_ADH_KEY_EXCHANGE STATISTIC_SSL_CIPHER_DH_DSS_KEY_EXCHANGE STATISTIC_SSL_CIPHER_DH_RSA_KEY_EXCHANGE STATISTIC_SSL_CIPHER_DSS_KEY_EXCHANGE STATISTIC_SSL_CIPHER_EDH_DSS_KEY_EXCHANGE STATISTIC_SSL_CIPHER_EDH_RSA_KEY_EXCHANGE STATISTIC_SSL_CIPHER_RSA_KEY_EXCHANGE STATISTIC_SSL_CIPHER_NULL_BULK STATISTIC_SSL_CIPHER_AES_BULK STATISTIC_SSL_CIPHER_DES_BULK STATISTIC_SSL_CIPHER_IDEA_BULK STATISTIC_SSL_CIPHER_RC2_BULK STATISTIC_SSL_CIPHER_RC4_BULK STATISTIC_SSL_CIPHER_NULL_DIGEST STATISTIC_SSL_CIPHER_MD5_DIGEST STATISTIC_SSL_CIPHER_SHA_DIGEST STATISTIC_SSL_PROTOCOL_SSLV2 STATISTIC_SSL_PROTOCOL_SSLV3 STATISTIC_SSL_PROTOCOL_TLSV1 STATISTIC_SSL_COMMON_CURRENT_CONNECTIONS STATISTIC_SSL_COMMON_MAXIMUM_CONNECTIONS STATISTIC_SSL_COMMON_CURRENT_NATIVE_CONNECTIONS STATISTIC_SSL_COMMON_MAXIMUM_NATIVE_CONNECTIONS STATISTIC_SSL_COMMON_TOTAL_NATIVE_CONNECTIONS STATISTIC_SSL_COMMON_CURRENT_COMPATIBLE_MODE_CONNECTIONS STATISTIC_SSL_COMMON_MAXIMUM_COMPATIBLE_MODE_CONNECTIONS STATISTIC_SSL_COMMON_TOTAL_COMPATIBLE_MODE_CONNECTIONS STATISTIC_SSL_COMMON_ENCRYPTED_BYTES_IN STATISTIC_SSL_COMMON_ENCRYPTED_BYTES_OUT STATISTIC_SSL_COMMON_DECRYPTED_BYTES_IN STATISTIC_SSL_COMMON_DECRYPTED_BYTES_OUT STATISTIC_SSL_COMMON_RECORDS_IN STATISTIC_SSL_COMMON_RECORDS_OUT STATISTIC_SSL_COMMON_FULLY_HW_ACCELERATED_CONNECTIONS STATISTIC_SSL_COMMON_PARTIALLY_HW_ACCELERATED_CONNECTIONS STATISTIC_SSL_COMMON_NON_HW_ACCELERATED_CONNECTIONS STATISTIC_SSL_COMMON_PREMATURE_DISCONNECTS STATISTIC_SSL_COMMON_MIDSTREAM_RENEGOTIATIONS STATISTIC_SSL_COMMON_SESSION_CACHE_CURRENT_ENTRIES STATISTIC_SSL_COMMON_SESSION_CACHE_HITS STATISTIC_SSL_COMMON_SESSION_CACHE_LOOKUPS STATISTIC_SSL_COMMON_SESSION_CACHE_OVERFLOWS STATISTIC_SSL_COMMON_SESSION_CACHE_INVALIDATIONS STATISTIC_SSL_COMMON_VALID_PEER_CERTIFICATES STATISTIC_SSL_COMMON_INVALID_PEER_CERTIFICATES STATISTIC_SSL_COMMON_NO_PEER_CERTIFICATES STATISTIC_SSL_COMMON_HANDSHAKE_FAILURES STATISTIC_SSL_COMMON_BAD_RECORDS STATISTIC_SSL_COMMON_FATAL_ALERTS STATISTIC_AUTH_TOTAL_SESSIONS STATISTIC_AUTH_CURRENT_SESSIONS STATISTIC_AUTH_MAXIMUM_SESSIONS STATISTIC_AUTH_SUCCESS_RESULTS STATISTIC_AUTH_FAILURE_RESULTS STATISTIC_AUTH_WANT_CREDENTIAL_RESULTS STATISTIC_AUTH_ERROR_RESULTS STATISTIC_XML_TOTAL_ERRORS STATISTIC_FAST_HTTP_CLIENT_SYN_COOKIES STATISTIC_FAST_HTTP_CLIENT_ACCEPTS STATISTIC_FAST_HTTP_SERVER_CONNECTS STATISTIC_FAST_HTTP_CONNECTION_POOL_CURRENT_SIZE STATISTIC_FAST_HTTP_CONNECTION_POOL_MAXIMUM_SIZE STATISTIC_FAST_HTTP_CONNECTION_POOL_REUSES STATISTIC_FAST_HTTP_CONNECTION_POOL_EXHAUSTED STATISTIC_FAST_HTTP_TOTAL_REQUESTS STATISTIC_FAST_HTTP_UNBUFFERED_REQUESTS STATISTIC_FAST_HTTP_GET_REQUESTS STATISTIC_FAST_HTTP_POST_REQUESTS STATISTIC_FAST_HTTP_V9_REQUESTS STATISTIC_FAST_HTTP_V10_REQUESTS STATISTIC_FAST_HTTP_V11_REQUESTS STATISTIC_FAST_HTTP_2XX_RESPONSES STATISTIC_FAST_HTTP_3XX_RESPONSES STATISTIC_FAST_HTTP_4XX_RESPONSES STATISTIC_FAST_HTTP_5XX_RESPONSES STATISTIC_FAST_HTTP_REQUEST_PARSE_ERRORS STATISTIC_FAST_HTTP_RESPONSE_PARSE_ERRORS STATISTIC_FAST_HTTP_CLIENTSIDE_BAD_SEGMENTS STATISTIC_FAST_HTTP_SERVERSIDE_BAD_SEGMENTS STATISTIC_FAST_HTTP_PIPELINED_REQUESTS STATISTIC_SSL_COMMON_NOT_SSL_HANDSHAKE_FAILURES STATISTIC_HTTP_RAM_CACHE_HITS STATISTIC_HTTP_RAM_CACHE_MISSES STATISTIC_HTTP_RAM_CACHE_TOTAL_MISSES STATISTIC_HTTP_RAM_CACHE_HIT_BYTES STATISTIC_HTTP_RAM_CACHE_MISS_BYTES STATISTIC_HTTP_RAM_CACHE_TOTAL_MISS_BYTES STATISTIC_HTTP_RAM_CACHE_SIZE STATISTIC_HTTP_RAM_CACHE_COUNT STATISTIC_HTTP_RAM_CACHE_EVICTIONS STATISTIC_VCOMPRESSION_QUEUED_BYTES STATISTIC_VCOMPRESSION_PRE_COMPRESSION_BYTES STATISTIC_VCOMPRESSION_POST_COMPRESSION_BYTES STATISTIC_VCOMPRESSION_TOTAL_STREAMS STATISTIC_VCOMPRESSION_CURRENT_STREAMS STATISTIC_IIOP_TOTAL_REQUESTS STATISTIC_IIOP_TOTAL_RESPONSES STATISTIC_IIOP_TOTAL_CANCELS STATISTIC_IIOP_TOTAL_ERRORS STATISTIC_IIOP_TOTAL_FRAGMENTS STATISTIC_RTSP_TOTAL_REQUESTS STATISTIC_RTSP_TOTAL_RESPONSES STATISTIC_RTSP_TOTAL_ERRORS STATISTIC_RTSP_TOTAL_INTERLEAVED_DATA STATISTIC_GTM_METRICS_CPU_USAGE STATISTIC_GTM_METRICS_MEMORY_AVAILABLE STATISTIC_GTM_METRICS_BITS_PER_SECOND_IN STATISTIC_GTM_METRICS_BITS_PER_SECOND_OUT STATISTIC_GTM_METRICS_PACKETS_PER_SECOND_IN STATISTIC_GTM_METRICS_PACKETS_PER_SECOND_OUT STATISTIC_GTM_METRICS_TOTAL_CONNECTIONS STATISTIC_GTM_METRICS_TOTAL_CONNECTION_RATE STATISTIC_GTM_LINK_TOTAL_BIT_RATE STATISTIC_GTM_LINK_TOTAL_GATEWAY_BIT_RATE STATISTIC_GTM_LINK_INBOUND_GATEWAY_BIT_RATE STATISTIC_GTM_LINK_OUTBOUND_GATEWAY_BIT_RATE STATISTIC_GTM_LINK_TOTAL_VS_BIT_RATE STATISTIC_GTM_LINK_INBOUND_VS_BIT_RATE STATISTIC_GTM_LINK_OUTBOUND_VS_BIT_RATE STATISTIC_GTM_LINK_TOTAL_INBOUND_BIT_RATE STATISTIC_GTM_LINK_TOTAL_OUTBOUND_BIT_RATE STATISTIC_GTM_LINK_LCS_OUT STATISTIC_GTM_LINK_LCS_IN STATISTIC_GTM_POOL_PREFERRED_LB_METHODS STATISTIC_GTM_POOL_ALTERNATE_LB_METHODS STATISTIC_GTM_POOL_FALLBACK_LB_METHODS STATISTIC_GTM_POOL_DROPPED_CONNECTIONS STATISTIC_GTM_POOL_EXPLICIT_IP STATISTIC_GTM_POOL_RETURN_TO_DNS STATISTIC_GTM_POOL_MEMBER_PREFERRED_LB_METHODS STATISTIC_GTM_POOL_MEMBER_ALTERNATE_LB_METHODS STATISTIC_GTM_POOL_MEMBER_FALLBACK_LB_METHODS STATISTIC_GTM_SERVER_VS_PICKS STATISTIC_GTM_VIRTUAL_SERVER_PICKS STATISTIC_GTM_WIDEIP_REQUESTS STATISTIC_GTM_WIDEIP_RESOLUTIONS STATISTIC_GTM_WIDEIP_PERSISTED STATISTIC_GTM_WIDEIP_PREFERRED_LB_METHODS STATISTIC_GTM_WIDEIP_ALTERNATE_LB_METHODS STATISTIC_GTM_WIDEIP_FALLBACK_LB_METHODS STATISTIC_GTM_WIDEIP_DROPPED_CONNECTIONS STATISTIC_GTM_WIDEIP_EXPLICIT_IP STATISTIC_GTM_WIDEIP_RETURN_TO_DNS STATISTIC_GTM_MEMORY_TOTAL_BYTES STATISTIC_GTM_MEMORY_USED_BYTES STATISTIC_GTM_IQUERY_RECONNECTS STATISTIC_GTM_IQUERY_RECEIVED_BYTES STATISTIC_GTM_IQUERY_SENT_BYTES STATISTIC_GTM_BACKLOGGED_SENDS STATISTIC_GTM_DROPPED_BYTES STATISTIC_GTM_PATH_CURRENT_RTT STATISTIC_GTM_PATH_AVERAGE_RTT STATISTIC_GTM_PATH_CURRENT_HOPS STATISTIC_GTM_PATH_AVERAGE_HOPS STATISTIC_GTM_PATH_CURRENT_COMPENSATION_RATE STATISTIC_GTM_PATH_AVERAGE_COMPENSATION_RATE STATISTIC_GTM_LDNS_REQUESTS STATISTIC_HTTPCLASS_COOKIE_PERSIST_INSERTS STATISTIC_HTTPCLASS_2XX_RESPONSES STATISTIC_HTTPCLASS_3XX_RESPONSES STATISTIC_HTTPCLASS_4XX_RESPONSES STATISTIC_HTTPCLASS_5XX_RESPONSES STATISTIC_HTTPCLASS_TOTAL_REQUESTS STATISTIC_HTTPCLASS_GET_REQUESTS STATISTIC_HTTPCLASS_POST_REQUESTS STATISTIC_HTTPCLASS_V9_REQUESTS STATISTIC_HTTPCLASS_V10_REQUESTS STATISTIC_HTTPCLASS_V11_REQUESTS STATISTIC_HTTPCLASS_V9_RESPONSES STATISTIC_HTTPCLASS_V10_RESPONSES STATISTIC_HTTPCLASS_V11_RESPONSES STATISTIC_HTTPCLASS_MAXIMUM_KEEPALIVE_REQUESTS STATISTIC_HTTPCLASS_BUCKET_1K_RESPONSES STATISTIC_HTTPCLASS_BUCKET_4K_RESPONSES STATISTIC_HTTPCLASS_BUCKET_16K_RESPONSES STATISTIC_HTTPCLASS_BUCKET_32K_RESPONSES STATISTIC_HTTPCLASS_BUCKET_64K_RESPONSES STATISTIC_HTTPCLASS_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_NULL_COMPRESSION_BYTES STATISTIC_HTTPCLASS_HTML_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_HTML_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_CSS_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_CSS_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_JS_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_JS_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_XML_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_XML_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_SGML_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_SGML_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_PLAIN_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_PLAIN_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_OCTET_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_OCTET_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_IMAGE_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_IMAGE_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_VIDEO_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_VIDEO_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_AUDIO_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_AUDIO_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_OTHER_PRE_COMPRESSION_BYTES STATISTIC_HTTPCLASS_OTHER_POST_COMPRESSION_BYTES STATISTIC_HTTPCLASS_RAM_CACHE_HITS STATISTIC_HTTPCLASS_RAM_CACHE_MISSES STATISTIC_HTTPCLASS_RAM_CACHE_TOTAL_MISSES STATISTIC_HTTPCLASS_RAM_CACHE_HIT_BYTES STATISTIC_HTTPCLASS_RAM_CACHE_MISS_BYTES STATISTIC_HTTPCLASS_RAM_CACHE_TOTAL_MISS_BYTES STATISTIC_SCTP_ACCEPTS STATISTIC_SCTP_FAILED_ACCEPT STATISTIC_SCTP_CONNECTIONS STATISTIC_SCTP_FAILED_CONNECTION STATISTIC_SCTP_EXPIRED_CONNECTIONS STATISTIC_SCTP_ABANDONED_CONNECTIONS STATISTIC_SCTP_RESETS STATISTIC_SCTP_BAD_CHECKSUMS STATISTIC_SCTP_COOKIES STATISTIC_SCTP_BAD_COOKIES STATISTIC_GTM_LINK_PATHS STATISTIC_GTM_TOTAL_LDNSES STATISTIC_GTM_TOTAL_PATHS STATISTIC_HARDWARE_SYN_COOKIES_GENERATED STATISTIC_HARDWARE_SYN_COOKIES_DETECTED STATISTIC_FASTL4_OPEN_CONNECTIONS STATISTIC_FASTL4_ACCEPTED_CONNECTIONS STATISTIC_FASTL4_ACCEPT_FAILURES STATISTIC_FASTL4_EXPIRED_CONNECTIONS STATISTIC_FASTL4_RECEIVED_BAD_PACKET STATISTIC_FASTL4_ACCEPTED_ICMP_UNREACH_OR_TCP_RST STATISTIC_FASTL4_ACCEPTED_TCP_RST_OUT_OF_WIN STATISTIC_FASTL4_RECEIVED_BAD_CHECKSUMS STATISTIC_FASTL4_RECEIVED_BAD_TXERR STATISTIC_FASTL4_RECEIVED_SYN_COOKIES_ISSUED STATISTIC_FASTL4_RECEIVED_SYN_COOKIES_ACCEPTED STATISTIC_FASTL4_RECEIVED_SYN_COOKIES_REJECTED STATISTIC_FASTL4_RECEIVED_SYN_COOKIES_SYN_TO_SERVER_RETRANS STATISTIC_TM_PID STATISTIC_TM_CPU STATISTIC_TM_TMID STATISTIC_TM_NPUS STATISTIC_TM_CMP_CONN_REDIRECTED STATISTIC_CPU_COUNT STATISTIC_CPU_INFO_CPU_ID STATISTIC_CPU_INFO_USER STATISTIC_CPU_INFO_NICED STATISTIC_CPU_INFO_SYSTEM STATISTIC_CPU_INFO_IDLE STATISTIC_CPU_INFO_IRQ STATISTIC_CPU_INFO_SOFTIRQ STATISTIC_CPU_INFO_IOWAIT STATISTIC_CPU_INFO_USAGE_RATIO STATISTIC_SIP_REQUESTS STATISTIC_SIP_RESPONSES STATISTIC_SIP_BAD_MESSAGES STATISTIC_SIP_DROPS STATISTIC_CPU_INFO_FIVE_SEC_AVG_USER STATISTIC_CPU_INFO_FIVE_SEC_AVG_NICED STATISTIC_CPU_INFO_FIVE_SEC_AVG_SYSTEM STATISTIC_CPU_INFO_FIVE_SEC_AVG_IDLE STATISTIC_CPU_INFO_FIVE_SEC_AVG_IRQ STATISTIC_CPU_INFO_FIVE_SEC_AVG_SOFTIRQ STATISTIC_CPU_INFO_FIVE_SEC_AVG_IOWAIT STATISTIC_CPU_INFO_FIVE_SEC_AVG_USAGE_RATIO STATISTIC_CPU_INFO_ONE_MIN_AVG_USER STATISTIC_CPU_INFO_ONE_MIN_AVG_NICED STATISTIC_CPU_INFO_ONE_MIN_AVG_SYSTEM STATISTIC_CPU_INFO_ONE_MIN_AVG_IDLE STATISTIC_CPU_INFO_ONE_MIN_AVG_IRQ STATISTIC_CPU_INFO_ONE_MIN_AVG_SOFTIRQ STATISTIC_CPU_INFO_ONE_MIN_AVG_IOWAIT STATISTIC_CPU_INFO_ONE_MIN_AVG_USAGE_RATIO STATISTIC_CPU_INFO_FIVE_MIN_AVG_USER STATISTIC_CPU_INFO_FIVE_MIN_AVG_NICED STATISTIC_CPU_INFO_FIVE_MIN_AVG_SYSTEM STATISTIC_CPU_INFO_FIVE_MIN_AVG_IDLE STATISTIC_CPU_INFO_FIVE_MIN_AVG_IRQ STATISTIC_CPU_INFO_FIVE_MIN_AVG_SOFTIRQ STATISTIC_CPU_INFO_FIVE_MIN_AVG_IOWAIT STATISTIC_CPU_INFO_FIVE_MIN_AVG_USAGE_RATIO STATISTIC_TM_SLOT_ID STATISTIC_GTM_METRICS_VIRTUAL_SERVER_SCORE STATISTIC_CPU_INFO_STOLEN STATISTIC_CPU_INFO_FIVE_SEC_AVG_STOLEN STATISTIC_CPU_INFO_ONE_MIN_AVG_STOLEN STATISTIC_CPU_INFO_FIVE_MIN_AVG_STOLEN STATISTIC_TM_FIVE_SEC_AVG_USAGE_RATIO STATISTIC_TM_ONE_MIN_AVG_USAGE_RATIO STATISTIC_TM_FIVE_MIN_AVG_USAGE_RATIO STATISTIC_HTTP_BUCKET_128K_RESPONSES STATISTIC_HTTP_BUCKET_512K_RESPONSES STATISTIC_HTTP_BUCKET_2M_RESPONSES STATISTIC_HTTP_BUCKET_LARGE_RESPONSES STATISTIC_HTTPCLASS_BUCKET_128K_RESPONSES STATISTIC_HTTPCLASS_BUCKET_512K_RESPONSES STATISTIC_HTTPCLASS_BUCKET_2M_RESPONSES STATISTIC_HTTPCLASS_BUCKET_LARGE_RESPONSES STATISTIC_DIAMETER_TOT_CAPABILITIES_EXCHANGE_REQUESTS STATISTIC_DIAMETER_TOT_CAPABILITIES_EXCHANGE_ANSWERS STATISTIC_DIAMETER_TOT_DEVICE_WATCHDOG_REQUESTS STATISTIC_DIAMETER_TOT_DEVICE_WATCHDOG_ANSWERS STATISTIC_DIAMETER_TOT_DISCONNECT_PEER_REQUESTS STATISTIC_DIAMETER_TOT_DISCONNECT_PEER_ANSWERS STATISTIC_DIAMETER_TOT_ACCOUNTING_REQUESTS STATISTIC_DIAMETER_TOT_ACCOUNTING_ANSWERS STATISTIC_DIAMETER_TOT_CREDIT_CONTROL_REQUESTS STATISTIC_DIAMETER_TOT_CREDIT_CONTROL_ANSWERS STATISTIC_DIAMETER_TOT_USER_AUTHORIZATION_REQUESTS STATISTIC_DIAMETER_TOT_USER_AUTHORIZATION_ANSWERS STATISTIC_DIAMETER_TOT_OTHER_REQUESTS STATISTIC_DIAMETER_TOT_OTHER_ANSWERS STATISTIC_DIAMETER_TOT_BAD_MESSAGES STATISTIC_RADIUS_REQUESTS STATISTIC_RADIUS_ACCEPTS STATISTIC_RADIUS_REJECTS STATISTIC_RADIUS_CHALLENGES STATISTIC_RADIUS_ACCOUNTING_REQUESTS STATISTIC_RADIUS_ACCOUNTING_RESPONSES STATISTIC_RADIUS_OTHER_MESSAGES STATISTIC_RADIUS_DROPS STATISTIC_CLIENT_SIDE_FIVE_SEC_AVG_BYTES_IN STATISTIC_CLIENT_SIDE_FIVE_SEC_AVG_BYTES_OUT STATISTIC_CLIENT_SIDE_FIVE_SEC_AVG_PACKETS_IN STATISTIC_CLIENT_SIDE_FIVE_SEC_AVG_PACKETS_OUT STATISTIC_CLIENT_SIDE_FIVE_SEC_AVG_CURRENT_CONNECTIONS STATISTIC_CLIENT_SIDE_FIVE_SEC_AVG_MAXIMUM_CONNECTIONS STATISTIC_CLIENT_SIDE_FIVE_SEC_AVG_TOTAL_CONNECTIONS STATISTIC_CLIENT_SIDE_ONE_MIN_AVG_BYTES_IN STATISTIC_CLIENT_SIDE_ONE_MIN_AVG_BYTES_OUT STATISTIC_CLIENT_SIDE_ONE_MIN_AVG_PACKETS_IN STATISTIC_CLIENT_SIDE_ONE_MIN_AVG_PACKETS_OUT STATISTIC_CLIENT_SIDE_ONE_MIN_AVG_CURRENT_CONNECTIONS STATISTIC_CLIENT_SIDE_ONE_MIN_AVG_MAXIMUM_CONNECTIONS STATISTIC_CLIENT_SIDE_ONE_MIN_AVG_TOTAL_CONNECTIONS STATISTIC_CLIENT_SIDE_FIVE_MIN_AVG_BYTES_IN STATISTIC_CLIENT_SIDE_FIVE_MIN_AVG_BYTES_OUT STATISTIC_CLIENT_SIDE_FIVE_MIN_AVG_PACKETS_IN STATISTIC_CLIENT_SIDE_FIVE_MIN_AVG_PACKETS_OUT STATISTIC_CLIENT_SIDE_FIVE_MIN_AVG_CURRENT_CONNECTIONS STATISTIC_CLIENT_SIDE_FIVE_MIN_AVG_MAXIMUM_CONNECTIONS STATISTIC_CLIENT_SIDE_FIVE_MIN_AVG_TOTAL_CONNECTIONS STATISTIC_SERVER_SIDE_FIVE_SEC_AVG_BYTES_IN STATISTIC_SERVER_SIDE_FIVE_SEC_AVG_BYTES_OUT STATISTIC_SERVER_SIDE_FIVE_SEC_AVG_PACKETS_IN STATISTIC_SERVER_SIDE_FIVE_SEC_AVG_PACKETS_OUT STATISTIC_SERVER_SIDE_FIVE_SEC_AVG_CURRENT_CONNECTIONS STATISTIC_SERVER_SIDE_FIVE_SEC_AVG_MAXIMUM_CONNECTIONS STATISTIC_SERVER_SIDE_FIVE_SEC_AVG_TOTAL_CONNECTIONS STATISTIC_SERVER_SIDE_ONE_MIN_AVG_BYTES_IN STATISTIC_SERVER_SIDE_ONE_MIN_AVG_BYTES_OUT STATISTIC_SERVER_SIDE_ONE_MIN_AVG_PACKETS_IN STATISTIC_SERVER_SIDE_ONE_MIN_AVG_PACKETS_OUT STATISTIC_SERVER_SIDE_ONE_MIN_AVG_CURRENT_CONNECTIONS STATISTIC_SERVER_SIDE_ONE_MIN_AVG_MAXIMUM_CONNECTIONS STATISTIC_SERVER_SIDE_ONE_MIN_AVG_TOTAL_CONNECTIONS STATISTIC_SERVER_SIDE_FIVE_MIN_AVG_BYTES_IN STATISTIC_SERVER_SIDE_FIVE_MIN_AVG_BYTES_OUT STATISTIC_SERVER_SIDE_FIVE_MIN_AVG_PACKETS_IN STATISTIC_SERVER_SIDE_FIVE_MIN_AVG_PACKETS_OUT STATISTIC_SERVER_SIDE_FIVE_MIN_AVG_CURRENT_CONNECTIONS STATISTIC_SERVER_SIDE_FIVE_MIN_AVG_MAXIMUM_CONNECTIONS STATISTIC_SERVER_SIDE_FIVE_MIN_AVG_TOTAL_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_FIVE_SEC_AVG_BYTES_IN STATISTIC_PVA_CLIENT_SIDE_FIVE_SEC_AVG_BYTES_OUT STATISTIC_PVA_CLIENT_SIDE_FIVE_SEC_AVG_PACKETS_IN STATISTIC_PVA_CLIENT_SIDE_FIVE_SEC_AVG_PACKETS_OUT STATISTIC_PVA_CLIENT_SIDE_FIVE_SEC_AVG_CURRENT_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_FIVE_SEC_AVG_MAXIMUM_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_FIVE_SEC_AVG_TOTAL_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_ONE_MIN_AVG_BYTES_IN STATISTIC_PVA_CLIENT_SIDE_ONE_MIN_AVG_BYTES_OUT STATISTIC_PVA_CLIENT_SIDE_ONE_MIN_AVG_PACKETS_IN STATISTIC_PVA_CLIENT_SIDE_ONE_MIN_AVG_PACKETS_OUT STATISTIC_PVA_CLIENT_SIDE_ONE_MIN_AVG_CURRENT_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_ONE_MIN_AVG_MAXIMUM_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_ONE_MIN_AVG_TOTAL_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_FIVE_MIN_AVG_BYTES_IN STATISTIC_PVA_CLIENT_SIDE_FIVE_MIN_AVG_BYTES_OUT STATISTIC_PVA_CLIENT_SIDE_FIVE_MIN_AVG_PACKETS_IN STATISTIC_PVA_CLIENT_SIDE_FIVE_MIN_AVG_PACKETS_OUT STATISTIC_PVA_CLIENT_SIDE_FIVE_MIN_AVG_CURRENT_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_FIVE_MIN_AVG_MAXIMUM_CONNECTIONS STATISTIC_PVA_CLIENT_SIDE_FIVE_MIN_AVG_TOTAL_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_FIVE_SEC_AVG_BYTES_IN STATISTIC_PVA_SERVER_SIDE_FIVE_SEC_AVG_BYTES_OUT STATISTIC_PVA_SERVER_SIDE_FIVE_SEC_AVG_PACKETS_IN STATISTIC_PVA_SERVER_SIDE_FIVE_SEC_AVG_PACKETS_OUT STATISTIC_PVA_SERVER_SIDE_FIVE_SEC_AVG_CURRENT_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_FIVE_SEC_AVG_MAXIMUM_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_FIVE_SEC_AVG_TOTAL_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_ONE_MIN_AVG_BYTES_IN STATISTIC_PVA_SERVER_SIDE_ONE_MIN_AVG_BYTES_OUT STATISTIC_PVA_SERVER_SIDE_ONE_MIN_AVG_PACKETS_IN STATISTIC_PVA_SERVER_SIDE_ONE_MIN_AVG_PACKETS_OUT STATISTIC_PVA_SERVER_SIDE_ONE_MIN_AVG_CURRENT_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_ONE_MIN_AVG_MAXIMUM_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_ONE_MIN_AVG_TOTAL_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_FIVE_MIN_AVG_BYTES_IN STATISTIC_PVA_SERVER_SIDE_FIVE_MIN_AVG_BYTES_OUT STATISTIC_PVA_SERVER_SIDE_FIVE_MIN_AVG_PACKETS_IN STATISTIC_PVA_SERVER_SIDE_FIVE_MIN_AVG_PACKETS_OUT STATISTIC_PVA_SERVER_SIDE_FIVE_MIN_AVG_CURRENT_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_FIVE_MIN_AVG_MAXIMUM_CONNECTIONS STATISTIC_PVA_SERVER_SIDE_FIVE_MIN_AVG_TOTAL_CONNECTIONS STATISTIC_SSL_FIVE_SEC_AVG_TOT_CONNS STATISTIC_SSL_ONE_MIN_AVG_TOT_CONNS STATISTIC_SSL_FIVE_MIN_AVG_TOT_CONNS STATISTIC_HTTP_RAM_CACHE_INTER_STRIPE_HITS STATISTIC_HTTP_RAM_CACHE_INTER_STRIPE_MISSES STATISTIC_HTTP_RAM_CACHE_INTER_STRIPE_HIT_BYTES STATISTIC_HTTP_RAM_CACHE_INTER_STRIPE_CACHE_SIZE STATISTIC_HTTP_RAM_CACHE_INTER_STRIPE_ENTITIES STATISTIC_HTTP_RAM_CACHE_INTER_STRIPE_EVICTIONS STATISTIC_HTTP_RAM_CACHE_REMOTE_HITS STATISTIC_HTTP_RAM_CACHE_REMOTE_MISSES STATISTIC_HTTP_RAM_CACHE_REMOTE_HIT_BYTES STATISTIC_HTTPCLASS_RAM_CACHE_INTER_STRIPE_HITS STATISTIC_HTTPCLASS_RAM_CACHE_INTER_STRIPE_MISSES STATISTIC_HTTPCLASS_RAM_CACHE_INTER_STRIPE_HIT_BYTES STATISTIC_HTTPCLASS_RAM_CACHE_REMOTE_HITS STATISTIC_HTTPCLASS_RAM_CACHE_REMOTE_MISSES STATISTIC_HTTPCLASS_RAM_CACHE_REMOTE_HIT_BYTES STATISTIC_RATE_CLASS_BYTES_DROPPED_TAIL STATISTIC_RATE_CLASS_PACKETS_DROPPED_TAIL STATISTIC_RATE_CLASS_BYTES_DROPPED_RAND STATISTIC_RATE_CLASS_PACKETS_DROPPED_RAND STATISTIC_RATE_CLASS_PACKETS_DROPPED STATISTIC_GTM_WIDEIP_A_REQUESTS STATISTIC_GTM_WIDEIP_AAAA_REQUESTS STATISTIC_HTTPCOMPRESSION_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_POST_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_NULL_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_HTML_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_HTML_POST_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_CSS_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_CSS_POST_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_JS_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_JS_POST_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_XML_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_XML_POST_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_SGML_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_SGML_POST_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_PLAIN_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_PLAIN_POST_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_OCTET_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_OCTET_POST_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_IMAGE_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_IMAGE_POST_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_VIDEO_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_VIDEO_POST_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_AUDIO_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_AUDIO_POST_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_OTHER_PRE_COMPRESSION_BYTES STATISTIC_HTTPCOMPRESSION_OTHER_POST_COMPRESSION_BYTES STATISTIC_WEBACCELERATION_CACHE_HITS STATISTIC_WEBACCELERATION_CACHE_MISSES STATISTIC_WEBACCELERATION_CACHE_TOTAL_MISSES STATISTIC_WEBACCELERATION_CACHE_HIT_BYTES STATISTIC_WEBACCELERATION_CACHE_MISS_BYTES STATISTIC_WEBACCELERATION_CACHE_TOTAL_MISS_BYTES STATISTIC_WEBACCELERATION_CACHE_SIZE STATISTIC_WEBACCELERATION_CACHE_COUNT STATISTIC_WEBACCELERATION_CACHE_EVICTIONS STATISTIC_WEBACCELERATION_CACHE_INTER_STRIPE_HITS STATISTIC_WEBACCELERATION_CACHE_INTER_STRIPE_MISSES STATISTIC_WEBACCELERATION_CACHE_INTER_STRIPE_HIT_BYTES STATISTIC_WEBACCELERATION_CACHE_INTER_STRIPE_CACHE_SIZE STATISTIC_WEBACCELERATION_CACHE_INTER_STRIPE_ENTITIES STATISTIC_WEBACCELERATION_CACHE_INTER_STRIPE_EVICTIONS STATISTIC_WEBACCELERATION_CACHE_REMOTE_HITS STATISTIC_WEBACCELERATION_CACHE_REMOTE_MISSES STATISTIC_WEBACCELERATION_CACHE_REMOTE_HIT_BYTES STATISTIC_GTM_PROBER_POOL_TOTAL_PROBES STATISTIC_GTM_PROBER_POOL_SUCCESSFUL_PROBES STATISTIC_GTM_PROBER_POOL_FAILED_PROBES STATISTIC_DNS_EXPRESS_SOA_SERIAL_NUMBER STATISTIC_DNS_EXPRESS_SOA_REFRESH_INTERVAL STATISTIC_DNS_EXPRESS_SOA_RETRY_INTERVAL STATISTIC_DNS_EXPRESS_SOA_EXPIRE_INTERVAL STATISTIC_DNS_EXPRESS_ZONE_DB_RESOURCE_RECORDS STATISTIC_VIRTUAL_SERVER_TOTAL_CPU_CYCLES STATISTIC_VIRTUAL_SERVER_FIVE_SEC_AVG_CPU_USAGE STATISTIC_VIRTUAL_SERVER_ONE_MIN_AVG_CPU_USAGE STATISTIC_VIRTUAL_SERVER_FIVE_MIN_AVG_CPU_USAGE STATISTIC_CONNQUEUE_CONNECTIONS STATISTIC_CONNQUEUE_AGE_OLDEST_ENTRY STATISTIC_CONNQUEUE_AGE_MAX STATISTIC_CONNQUEUE_AGE_MOVING_AVG STATISTIC_CONNQUEUE_AGE_EXPONENTIAL_DECAY_MAX STATISTIC_CONNQUEUE_SERVICED STATISTIC_CONNQUEUE_AGGR_CONNECTIONS STATISTIC_CONNQUEUE_AGGR_AGE_OLDEST_ENTRY STATISTIC_CONNQUEUE_AGGR_AGE_MAX STATISTIC_CONNQUEUE_AGGR_AGE_MOVING_AVG STATISTIC_CONNQUEUE_AGGR_AGE_EXPONENTIAL_DECAY_MAX STATISTIC_CONNQUEUE_AGGR_SERVICED STATISTIC_DNS_REQUESTS STATISTIC_DNS_RESPONSES STATISTIC_DNS_RESPONSES_PER_SECOND STATISTIC_DNS_REQUESTS_TO_GTM STATISTIC_DNS_REQUESTS_TO_BACKEND_DNS STATISTIC_DNS_DNS64_REQUESTS STATISTIC_DNS_DNS64_TRANSLATIONS STATISTIC_DNS_DNS64_FAILS STATISTIC_DNS_EXPRESS_REQUESTS STATISTIC_DNS_EXPRESS_NOTIFIES STATISTIC_DNS_HINTS STATISTIC_DNS_REJECTS STATISTIC_DNS_NOERRORS STATISTIC_DNS_DROPS STATISTIC_XML_DOCUMENTS_INSPECTED STATISTIC_XML_DOCUMENTS_ONE_XPATH_MATCH STATISTIC_XML_DOCUMENTS_TWO_XPATH_MATCHES STATISTIC_XML_DOCUMENTS_THREE_XPATH_MATCHES STATISTIC_XML_DOCUMENTS_NOMATCH STATISTIC_XML_DOCUMENTS_MALFORMED STATISTIC_WAM_APPLICATION_PROXIED STATISTIC_WAM_APPLICATION_PROXIED_BYTES STATISTIC_WAM_APPLICATION_PROXIED_1500 STATISTIC_WAM_APPLICATION_PROXIED_10K STATISTIC_WAM_APPLICATION_PROXIED_50K STATISTIC_WAM_APPLICATION_PROXIED_100K STATISTIC_WAM_APPLICATION_PROXIED_500K STATISTIC_WAM_APPLICATION_PROXIED_1M STATISTIC_WAM_APPLICATION_PROXIED_5M STATISTIC_WAM_APPLICATION_PROXIED_LARGE STATISTIC_WAM_APPLICATION_PROXIED_NEW STATISTIC_WAM_APPLICATION_PROXIED_EXPIRED STATISTIC_WAM_APPLICATION_PROXIED_PER_POLICY STATISTIC_WAM_APPLICATION_PROXIED_PER_IRULE STATISTIC_WAM_APPLICATION_PROXIED_PER_INVALIDATION STATISTIC_WAM_APPLICATION_PROXIED_PER_CLIENT_REQUEST STATISTIC_WAM_APPLICATION_PROXIED_BYPASS STATISTIC_WAM_APPLICATION_FROM_CACHE STATISTIC_WAM_APPLICATION_FROM_CACHE_BYTES STATISTIC_WAM_APPLICATION_FROM_CACHE_1500 STATISTIC_WAM_APPLICATION_FROM_CACHE_10K STATISTIC_WAM_APPLICATION_FROM_CACHE_50K STATISTIC_WAM_APPLICATION_FROM_CACHE_100K STATISTIC_WAM_APPLICATION_FROM_CACHE_500K STATISTIC_WAM_APPLICATION_FROM_CACHE_1M STATISTIC_WAM_APPLICATION_FROM_CACHE_5M STATISTIC_WAM_APPLICATION_FROM_CACHE_LARGE STATISTIC_WAM_APPLICATION_OWS_2XX STATISTIC_WAM_APPLICATION_OWS_3XX STATISTIC_WAM_APPLICATION_OWS_4XX STATISTIC_WAM_APPLICATION_OWS_5XX STATISTIC_WAM_APPLICATION_OWS_DROPPED STATISTIC_WAM_APPLICATION_OWS_REJECTED STATISTIC_WAM_APPLICATION_WAM_2XX STATISTIC_WAM_APPLICATION_WAM_3XX STATISTIC_WAM_APPLICATION_WAM_4XX STATISTIC_WAM_APPLICATION_WAM_5XX STATISTIC_WAM_APPLICATION_WAM_503 STATISTIC_WAM_APPLICATION_WAM_DROPPED STATISTIC_SSL_COMMON_SECURE_HANDSHAKES STATISTIC_SSL_COMMON_INSECURE_HANDSHAKE_ACCEPTS STATISTIC_SSL_COMMON_INSECURE_HANDSHAKE_REJECTS STATISTIC_SSL_COMMON_INSECURE_RENEGOTIATION_REJECTS STATISTIC_SSL_COMMON_SNI_REJECTS STATISTIC_SSL_PROTOCOL_TLSV1_1 STATISTIC_SSL_PROTOCOL_TLSV1_2 STATISTIC_SSL_PROTOCOL_DTLSV1 STATISTIC_CURRENT_SESSIONS STATISTIC_DNS_CACHE_RESOLVER_QUERIES STATISTIC_DNS_CACHE_RESOLVER_RESPONSES STATISTIC_DNS_CACHE_RESOLVER_SYNC STATISTIC_DNS_CACHE_RESOLVER_ASYNC STATISTIC_DNS_CACHE_RESOLVER_FAILURE_RESOLVE STATISTIC_DNS_CACHE_RESOLVER_FAILURE_CONN STATISTIC_DNS_CACHE_RESOLVER_FAILURE_SERVER STATISTIC_DNS_CACHE_RESOLVER_FAILURE_SEND STATISTIC_DNS_CACHE_RESOLVER_MSG_HITS STATISTIC_DNS_CACHE_RESOLVER_MSG_MISSES STATISTIC_DNS_CACHE_RESOLVER_MSG_INSERTS STATISTIC_DNS_CACHE_RESOLVER_MSG_UPDATES STATISTIC_DNS_CACHE_RESOLVER_MSG_EVICTIONS STATISTIC_DNS_CACHE_RESOLVER_RRSET_HITS STATISTIC_DNS_CACHE_RESOLVER_RRSET_MISSES STATISTIC_DNS_CACHE_RESOLVER_RRSET_INSERTS STATISTIC_DNS_CACHE_RESOLVER_RRSET_UPDATES STATISTIC_DNS_CACHE_RESOLVER_RRSET_EVICTIONS STATISTIC_DNS_CACHE_RESOLVER_NAMESERVER_HITS STATISTIC_DNS_CACHE_RESOLVER_NAMESERVER_MISSES STATISTIC_DNS_CACHE_RESOLVER_NAMESERVER_INSERTS STATISTIC_DNS_CACHE_RESOLVER_NAMESERVER_UPDATES STATISTIC_DNS_CACHE_RESOLVER_NAMESERVER_EVICTIONS STATISTIC_DNS_CACHE_RESOLVER_KEY_HITS STATISTIC_DNS_CACHE_RESOLVER_KEY_MISSES STATISTIC_DNS_CACHE_RESOLVER_KEY_INSERTS STATISTIC_DNS_CACHE_RESOLVER_KEY_UPDATES STATISTIC_DNS_CACHE_RESOLVER_KEY_EVICTIONS STATISTIC_DNS_CACHE_RESOLVER_UDP_BYTES_IN STATISTIC_DNS_CACHE_RESOLVER_UDP_BYTES_OUT STATISTIC_DNS_CACHE_RESOLVER_UDP_PACKETS_IN STATISTIC_DNS_CACHE_RESOLVER_UDP_PACKETS_OUT STATISTIC_DNS_CACHE_RESOLVER_UDP_CURRENT_CONNS STATISTIC_DNS_CACHE_RESOLVER_UDP_MAX_CONNS STATISTIC_DNS_CACHE_RESOLVER_UDP_TOTAL_CONNS STATISTIC_DNS_CACHE_RESOLVER_TCP_BYTES_IN STATISTIC_DNS_CACHE_RESOLVER_TCP_BYTES_OUT STATISTIC_DNS_CACHE_RESOLVER_TCP_PACKETS_IN STATISTIC_DNS_CACHE_RESOLVER_TCP_PACKETS_OUT STATISTIC_DNS_CACHE_RESOLVER_TCP_CURRENT_CONNS STATISTIC_DNS_CACHE_RESOLVER_TCP_MAX_CONNS STATISTIC_DNS_CACHE_RESOLVER_TCP_TOTAL_CONNS STATISTIC_DNS_CACHE_RESOLVER_UNSOLICITED_REPLIES STATISTIC_DNS_CACHE_RESOLVER_SEC_UNCHECKED STATISTIC_DNS_CACHE_RESOLVER_SEC_BOGUS STATISTIC_DNS_CACHE_RESOLVER_SEC_INDETERMINATE STATISTIC_DNS_CACHE_RESOLVER_SEC_INSECURE STATISTIC_DNS_CACHE_RESOLVER_SEC_SECURE STATISTIC_DNS_REQUESTS_TO_CACHE STATISTIC_DNS_MALFORMED STATISTIC_DNS_SUSPENDS STATISTIC_DIAMETERROUTING_PEER_CAPABILITIES_EXCHANGE_REQUESTS_IN STATISTIC_DIAMETERROUTING_PEER_CAPABILITIES_EXCHANGE_ANSWERS_IN STATISTIC_DIAMETERROUTING_PEER_DEVICE_WATCHDOG_REQUESTS_IN STATISTIC_DIAMETERROUTING_PEER_DEVICE_WATCHDOG_ANSWERS_IN STATISTIC_DIAMETERROUTING_PEER_DISCONNECT_PEER_REQUESTS_IN STATISTIC_DIAMETERROUTING_PEER_DISCONNECT_PEER_ANSWERS_IN STATISTIC_DIAMETERROUTING_PEER_CAPABILITIES_EXCHANGE_REQUESTS_OUT STATISTIC_DIAMETERROUTING_PEER_CAPABILITIES_EXCHANGE_ANSWERS_OUT STATISTIC_DIAMETERROUTING_PEER_DEVICE_WATCHDOG_REQUESTS_OUT STATISTIC_DIAMETERROUTING_PEER_DEVICE_WATCHDOG_ANSWERS_OUT STATISTIC_DIAMETERROUTING_PEER_DISCONNECT_PEER_REQUESTS_OUT STATISTIC_DIAMETERROUTING_PEER_DISCONNECT_PEER_ANSWERS_OUT STATISTIC_DIAMETERROUTING_PEER_REQUESTS_IN STATISTIC_DIAMETERROUTING_PEER_REQUESTS_OUT STATISTIC_DIAMETERROUTING_PEER_ANSWERS_IN STATISTIC_DIAMETERROUTING_PEER_ANSWERS_OUT STATISTIC_DIAMETERROUTING_PEER_DETECTED_LOOPS STATISTIC_DIAMETERROUTING_PEER_ACTIVE_SESSIONS STATISTIC_DIAMETERROUTING_PEER_BYTES_SENT STATISTIC_DIAMETERROUTING_PEER_BYTES_RECEIVED STATISTIC_DIAMETERROUTING_PEER_ERRORS STATISTIC_DIAMETERROUTING_CAPABILITIES_EXCHANGE_REQUESTS_IN STATISTIC_DIAMETERROUTING_CAPABILITIES_EXCHANGE_ANSWERS_IN STATISTIC_DIAMETERROUTING_DEVICE_WATCHDOG_REQUESTS_IN STATISTIC_DIAMETERROUTING_DEVICE_WATCHDOG_ANSWERS_IN STATISTIC_DIAMETERROUTING_DISCONNECT_PEER_REQUESTS_IN STATISTIC_DIAMETERROUTING_DISCONNECT_PEER_ANSWERS_IN STATISTIC_DIAMETERROUTING_CAPABILITIES_EXCHANGE_REQUESTS_OUT STATISTIC_DIAMETERROUTING_CAPABILITIES_EXCHANGE_ANSWERS_OUT STATISTIC_DIAMETERROUTING_DEVICE_WATCHDOG_REQUESTS_OUT STATISTIC_DIAMETERROUTING_DEVICE_WATCHDOG_ANSWERS_OUT STATISTIC_DIAMETERROUTING_DISCONNECT_PEER_REQUESTS_OUT STATISTIC_DIAMETERROUTING_DISCONNECT_PEER_ANSWERS_OUT STATISTIC_DIAMETERROUTING_REQUESTS_IN STATISTIC_DIAMETERROUTING_REQUESTS_OUT STATISTIC_DIAMETERROUTING_ANSWERS_IN STATISTIC_DIAMETERROUTING_ANSWERS_OUT STATISTIC_DIAMETERROUTING_RETRANSMITS STATISTIC_DIAMETERROUTING_DETECTED_LOOPS STATISTIC_DIAMETERROUTING_DETECTED_DUPLICATES STATISTIC_DIAMETERROUTING_ACTIVE_SESSIONS STATISTIC_DIAMETERROUTING_QUEUE_OVERFLOW_DROPS STATISTIC_DIAMETERROUTING_BYTES_SENT STATISTIC_DIAMETERROUTING_BYTES_RECEIVED STATISTIC_DIAMETERROUTING_ERRORS STATISTIC_DIAMETERROUTING_BAD_MESSAGES STATISTIC_DIAMETERROUTING_UNCONFIGURED_PEERS STATISTIC_DIAMETERROUTING_UNCONFIGURED_PEER_MESSAGES STATISTIC_VCMP_DISK_USE STATISTIC_VCMP_MEMORY_USE STATISTIC_VCMP_UPTIME STATISTIC_VCMP_PACKETS_IN STATISTIC_VCMP_BYTES_IN STATISTIC_VCMP_PACKETS_OUT STATISTIC_VCMP_BYTES_OUT STATISTIC_VCMP_MULTICASTS_IN STATISTIC_VCMP_MULTICASTS_OUT STATISTIC_VCMP_DROPS_IN STATISTIC_VCMP_DROPS_OUT STATISTIC_VIRTUAL_DISK_DISK_USE STATISTIC_GTM_POOL_RETURN_FROM_DNS STATISTIC_GTM_WIDEIP_RETURN_FROM_DNS STATISTIC_SSL_SESSTICK_REUSED STATISTIC_SSL_SESSTICK_REUSE_FAILED STATISTIC_SSL_CIPHER_ECDHE_RSA_KEY_EXCHANGE STATISTIC_DNS_HDR_RD STATISTIC_DNS_HDR_CD STATISTIC_DNS_HDR_EDNS0 STATISTIC_DNS_OP_QUERY STATISTIC_DNS_OP_NOTIFY STATISTIC_DNS_OP_UPDATE STATISTIC_DNS_ZONE_IXFR STATISTIC_DNS_ZONE_AXFR STATISTIC_DNS_HDR_AA STATISTIC_DNS_HDR_RA STATISTIC_DNS_HDR_AD STATISTIC_DNS_HDR_TC STATISTIC_DNS_RC_NOERROR STATISTIC_DNS_RC_NXDOMAIN STATISTIC_DNS_RC_SERVFAIL STATISTIC_DNS_RC_REFUSED STATISTIC_ICAP_CURRENT_CONNECTIONS STATISTIC_ICAP_TOTAL_REQMODE_REQUEST STATISTIC_ICAP_TOTAL_REQMODE_RESPONSE STATISTIC_ICAP_TOTAL_RSPMODE_REQUEST STATISTIC_ICAP_TOTAL_RSPMODE_RESPONSE STATISTIC_ADAPT_CURRENT_CONNECTIONS STATISTIC_ADAPT_RECORDS_IN STATISTIC_ADAPT_RECORDS_OUT STATISTIC_ADAPT_RECORDS_SENT_FOR_ADAPTATION STATISTIC_ADAPT_RECORDS_ADAPTED STATISTIC_ADAPT_TIMEOUT_ERRORS STATISTIC_ADAPT_ADAPTATION_ERRORS STATISTIC_ACL_NO_MATCH STATISTIC_SSL_COMMON_FWDP_CONNS STATISTIC_SSL_COMMON_FWDP_CACHED_CERTS STATISTIC_GTM_POOL_CNAME_RESOLUTIONS STATISTIC_GTM_WIDEIP_CNAME_RESOLUTIONS STATISTIC_SPDY_CONNECTIONS_ACCEPTED STATISTIC_SPDY_CONNECTIONS_CURRENT STATISTIC_SPDY_CONNECTIONS_MAX STATISTIC_SPDY_DATA_FRAMES_RECEIVED STATISTIC_SPDY_DATA_FRAMES_SENT STATISTIC_SPDY_FLOWS_CREATED STATISTIC_SPDY_FLOWS_CURRENT STATISTIC_SPDY_FLOWS_MAX STATISTIC_SPDY_GOAWAY_FRAMES_RECEIVED STATISTIC_SPDY_GOAWAY_FRAMES_SENT STATISTIC_SPDY_HEADERS_FRAMES_RECEIVED STATISTIC_SPDY_HEADERS_FRAMES_SENT STATISTIC_SPDY_HTTP_REQUEST_BYTES STATISTIC_SPDY_HTTP_RESPONSE_BYTES STATISTIC_SPDY_NOOP_FRAMES_RECEIVED STATISTIC_SPDY_NOOP_FRAMES_SENT STATISTIC_SPDY_PING_FRAMES_RECEIVED STATISTIC_SPDY_PING_FRAMES_SENT STATISTIC_SPDY_RST_STREAM_FRAMES_RECEIVED STATISTIC_SPDY_RST_STREAM_FRAMES_SENT STATISTIC_SPDY_SETTINGS_FRAMES_RECEIVED STATISTIC_SPDY_SETTINGS_FRAMES_SENT STATISTIC_SPDY_SPDY_REQUEST_BYTES STATISTIC_SPDY_SPDY_REQUEST_FRAMES STATISTIC_SPDY_SPDY_RESPONSE_BYTES STATISTIC_SPDY_SPDY_RESPONSE_FRAMES STATISTIC_SPDY_SYN_REPLY_FRAMES_RECEIVED STATISTIC_SPDY_SYN_REPLY_FRAMES_SENT STATISTIC_SPDY_SYN_STREAM_FRAMES_RECEIVED STATISTIC_SPDY_SYN_STREAM_FRAMES_SENT STATISTIC_SPDY_V2_STREAMS_CREATED STATISTIC_SPDY_V2_STREAMS_CURRENT STATISTIC_SPDY_V2_STREAMS_MAX STATISTIC_SPDY_V3_STREAMS_CREATED STATISTIC_SPDY_V3_STREAMS_CURRENT STATISTIC_SPDY_V3_STREAMS_MAX STATISTIC_SPDY_WINDOW_UPDATE_FRAMES_RECEIVED STATISTIC_SPDY_WINDOW_UPDATE_FRAMES_SENT STATISTIC_LSN_POOL_TRANSLATION_REQUESTS STATISTIC_LSN_POOL_HAIRPIN_CONNECTION_REQUESTS STATISTIC_LSN_POOL_ACTIVE_TRANSLATIONS STATISTIC_LSN_POOL_ACTIVE_HAIRPIN_CONNECTIONS STATISTIC_LSN_POOL_TRANSLATION_REQUEST_FAILURES STATISTIC_LSN_POOL_PERSISTENCE_MAPPING_FAILURES STATISTIC_LSN_POOL_HAIRPIN_CONNECTION_FAILURES STATISTIC_LSN_POOL_BACKUP_POOL_TRANSLATIONS STATISTIC_LSN_POOL_ACTIVE_PERSISTENCE_MAPPINGS STATISTIC_LSN_POOL_ACTIVE_INBOUND_RESERVATIONS STATISTIC_LSN_POOL_LOG_ATTEMPTS STATISTIC_LSN_POOL_LOG_FAILURES STATISTIC_DNS_MALICIOUS STATISTIC_DNS_A_REQS STATISTIC_DNS_AAAA_REQS STATISTIC_DNS_ANY_REQS STATISTIC_DNS_CNAME_REQS STATISTIC_DNS_MX_REQS STATISTIC_DNS_NS_REQS STATISTIC_DNS_PTR_REQS STATISTIC_DNS_SOA_REQS STATISTIC_DNS_SRV_REQS STATISTIC_DNS_TXT_REQS STATISTIC_DNS_OTHER_REQS STATISTIC_DNS_FILTERED_DROPS STATISTIC_DNS_A_DROPS STATISTIC_DNS_AAAA_DROPS STATISTIC_DNS_ANY_DROPS STATISTIC_DNS_CNAME_DROPS STATISTIC_DNS_MX_DROPS STATISTIC_DNS_NS_DROPS STATISTIC_DNS_PTR_DROPS STATISTIC_DNS_SOA_DROPS STATISTIC_DNS_SRV_DROPS STATISTIC_DNS_TXT_DROPS STATISTIC_DNS_OTHER_DROPS STATISTIC_IP_INTELLIGENCE_SPAM_SOURCES_WARNINGS STATISTIC_IP_INTELLIGENCE_SPAM_SOURCES_REJECTS STATISTIC_IP_INTELLIGENCE_WINDOWS_EXPLOITS_WARNINGS STATISTIC_IP_INTELLIGENCE_WINDOWS_EXPLOITS_REJECTS STATISTIC_IP_INTELLIGENCE_WEB_ATTACKS_WARNINGS STATISTIC_IP_INTELLIGENCE_WEB_ATTACKS_REJECTS STATISTIC_IP_INTELLIGENCE_BOTNETS_WARNINGS STATISTIC_IP_INTELLIGENCE_BOTNETS_REJECTS STATISTIC_IP_INTELLIGENCE_SCANNERS_WARNINGS STATISTIC_IP_INTELLIGENCE_SCANNERS_REJECTS STATISTIC_IP_INTELLIGENCE_DENIAL_OF_SERVICE_WARNINGS STATISTIC_IP_INTELLIGENCE_DENIAL_OF_SERVICE_REJECTS STATISTIC_IP_INTELLIGENCE_INFECTED_SOURCES_WARNINGS STATISTIC_IP_INTELLIGENCE_INFECTED_SOURCES_REJECTS STATISTIC_IP_INTELLIGENCE_PHISHING_WARNINGS STATISTIC_IP_INTELLIGENCE_PHISHING_REJECTS STATISTIC_IP_INTELLIGENCE_PROXY_WARNINGS STATISTIC_IP_INTELLIGENCE_PROXY_REJECTS STATISTIC_DNS_EFFECTIVE_LICENSED_RATE STATISTIC_DNS_LICENSED_OBJECT_COUNT STATISTIC_DNS_RATE_LIMITED_REQUESTS STATISTIC_GTM_EFFECTIVE_LICENSED_RATE STATISTIC_GTM_LICENSED_OBJECT_COUNT STATISTIC_GTM_RATE_LIMITED_REQUESTS STATISTIC_VIRTUAL_SERVER_SYNCOOKIE_HW_INSTANCES STATISTIC_VIRTUAL_SERVER_SYNCOOKIE_SW_INSTANCES STATISTIC_VIRTUAL_SERVER_SYNCOOKIE_CACHE_USAGE STATISTIC_VIRTUAL_SERVER_SYNCOOKIE_CACHE_OVERFLOWS STATISTIC_VIRTUAL_SERVER_SYNCOOKIE_SW_TOTAL STATISTIC_VIRTUAL_SERVER_SYNCOOKIE_SW_ACCEPTS STATISTIC_VIRTUAL_SERVER_SYNCOOKIE_SW_REJECTS STATISTIC_VIRTUAL_SERVER_SYNCOOKIE_HW_TOTAL STATISTIC_VIRTUAL_SERVER_SYNCOOKIE_HW_ACCEPTS STATISTIC_DOS_ATTACK_DETECTED STATISTIC_DOS_ATTACKS STATISTIC_DOS_PACKETS_RECEIVED_ONE_HOUR_SAMPLES STATISTIC_DOS_PACKETS_RECEIVED STATISTIC_DOS_PACKETS_RECEIVED_RATE_ONE_SEC STATISTIC_DOS_PACKETS_RECEIVED_ONE_MIN STATISTIC_DOS_PACKETS_RECEIVED_ONE_HOUR STATISTIC_DOS_DROPS STATISTIC_DOS_DROPS_RATE_ONE_SEC STATISTIC_DOS_DROPS_ONE_MIN STATISTIC_DOS_DROPS_ONE_HOUR STATISTIC_DOS_INTERNAL_DROPS STATISTIC_DOS_INTERNAL_DROPS_RATE_ONE_SEC STATISTIC_DOS_INTERNAL_DROPS_ONE_MIN STATISTIC_DOS_INTERNAL_DROPS_ONE_HOUR STATISTIC_DIAMETER_ENDPOINT_CONNECTION_ATTEMPTS STATISTIC_DIAMETER_ENDPOINT_TOTAL_OPENS STATISTIC_DIAMETER_ENDPOINT_TOTAL_DISCONNECTS STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_MSG STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_BYTES STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_MSG_REQUESTS STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_MSG_ERRORS STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_MSG_ANSWERS STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_UNMATCHED_ANSWERS STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_INVALID STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_MSG STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_BYTES STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_MSG_REQUESTS STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_MSG_ERRORS STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_MSG_ANSWERS STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_MSG_REXMIT STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_MSG_REXMIT_LIMIT_EXCEEDED STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_REQUESTS_PENDING STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_CER STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_CEA STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_CER STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_CEA STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_DWR STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_DWA STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_DWR STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_DWA STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_DPR STATISTIC_DIAMETER_ENDPOINT_TOTAL_TX_DPA STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_DPR STATISTIC_DIAMETER_ENDPOINT_TOTAL_RX_DPA STATISTIC_DIAMETER_ENDPOINT_TOTAL_STATE_MACHINE_ERRORS STATISTIC_FW_RULE_HITS STATISTIC_PEM_ACTION_BWC_UPLINKS STATISTIC_PEM_ACTION_BWC_DOWNLINKS STATISTIC_PEM_ACTION_CLONES STATISTIC_PEM_ACTION_DROPS STATISTIC_PEM_ACTION_DSCP_MARKING_UPLINKS STATISTIC_PEM_ACTION_DSCP_MARKING_DOWNLINKS STATISTIC_PEM_ACTION_FLOW_REPORTS STATISTIC_PEM_ACTION_L2_MARKING_UPLINKS STATISTIC_PEM_ACTION_L2_MARKING_DOWNLINKS STATISTIC_PEM_ACTION_REDIRECTS STATISTIC_PEM_ACTION_REEVAL_COUNT STATISTIC_PEM_ACTION_REEVAL_MAX STATISTIC_PEM_ACTION_STEERING STATISTIC_PEM_ACTION_STEERING_ENDPOINT STATISTIC_PEM_SESSION_ACTIVE_CURRENT STATISTIC_PEM_SESSION_ACTIVE_MAXIMUM STATISTIC_PEM_SESSION_FAILED_PROVISIONING_CURRENT STATISTIC_PEM_SESSION_FAILED_PROVISIONING_MAXIMUM STATISTIC_PEM_SESSION_LIMITS_EXCEED STATISTIC_PEM_SESSION_MARKED_DELETED_CURRENT STATISTIC_PEM_SESSION_MARKED_DELETED_MAXIMUM STATISTIC_PEM_SESSION_PENDING_PROVISIONING_RESPONSES_CURRENT STATISTIC_PEM_SESSION_PENDING_PROVISIONING_RESPONSES_MAXIMUM STATISTIC_PEM_SESSION_PROVISIONED_AS_UNKNOWN_CURRENT STATISTIC_PEM_SESSION_PROVISIONED_AS_UNKNOWN_MAXIMUM STATISTIC_PEM_SESSION_PROVISIONED_CURRENT STATISTIC_PEM_SESSION_PROVISIONED_MAXIMUM STATISTIC_PEM_SESSION_SESSIONS_TOTAL STATISTIC_PEM_SESSION_FAILURES_SPM_QUEUE_FULL STATISTIC_PEM_GX_CURRENT_ACTIVE_SESSIONS STATISTIC_PEM_GX_MAXIMUM_ACTIVE_SESSIONS STATISTIC_PEM_GX_CCA_RECEIVED STATISTIC_PEM_GX_CCR_SENT STATISTIC_PEM_GX_CURRENT_SESSIONS_CLOSE_INITIATED STATISTIC_PEM_GX_MAXIMUM_SESSIONS_CLOSE_INITIATED STATISTIC_PEM_GX_CURRENT_INACTIVE_WITH_PROVISIONING_ERRORS STATISTIC_PEM_GX_MAXIMUM_INACTIVE_WITH_PROVISIONING_ERRORS STATISTIC_PEM_GX_CURRENT_SESSIONS_INITIATED STATISTIC_PEM_GX_MAXIMUM_SESSIONS_INITIATED STATISTIC_PEM_GX_ERROR_MESSAGES_RECEIVED STATISTIC_PEM_GX_REPORT_MESSAGES_DROPPED STATISTIC_PEM_GX_POLICY_UPDATES_RECEIVED STATISTIC_PEM_GX_POLICY_REQUESTS_SENT STATISTIC_PEM_GX_RAA_MESSAGES_SENT STATISTIC_PEM_GX_RAR_MESSAGES_RECEIVED STATISTIC_PEM_GX_SESSIONS_CREATED STATISTIC_PEM_GX_SESSIONS_TERMINATED STATISTIC_PEM_GX_USAGE_REPORT_MESSAGES_SENT STATISTIC_PEM_SESSIONDB_BYTES_UPLINK STATISTIC_PEM_SESSIONDB_BYTES_DOWNLINK STATISTIC_PEM_SESSIONDB_FLOWS_TOTAL STATISTIC_PEM_SESSIONDB_FLOWS_CURRENT STATISTIC_PEM_SESSIONDB_FLOWS_MAX SIP_ATTACK_VECTOR_UNKNOWN SIP_ATTACK_VECTOR_INVITE SIP_ATTACK_VECTOR_ACK SIP_ATTACK_VECTOR_OPTIONS SIP_ATTACK_VECTOR_BYE SIP_ATTACK_VECTOR_CANCEL SIP_ATTACK_VECTOR_REGISTER SIP_ATTACK_VECTOR_PUBLISH SIP_ATTACK_VECTOR_NOTIFY SIP_ATTACK_VECTOR_SUBSCRIBE SIP_ATTACK_VECTOR_MESSAGE SIP_ATTACK_VECTOR_PRACK SIP_ATTACK_VECTOR_OTHER SIP_ATTACK_VECTOR_MALFORMED DNS_QUERY_UNKNOWN DNS_QUERY_A DNS_QUERY_PTR DNS_QUERY_NS DNS_QUERY_SOA DNS_QUERY_CNAME DNS_QUERY_MX DNS_QUERY_AAAA DNS_QUERY_TXT DNS_QUERY_SRV DNS_QUERY_AXFR DNS_QUERY_IXFR DNS_QUERY_ANY DNS_QUERY_OTHER Gets a list of all DoS profiles. Creates the specified DoS profiles. Deletes the specified DoS profiles. Deletes all DoS profiles. Determines whether the specified DoS profiles are system profiles. A system profile is a profile pre-configured on the system, ready for use. Non-system profiles are profiles created or modified by a user. Note that if a system profile is modified, it is no longer considered a system profile. Sets the description for a set of DoS profiles. This is an arbitrary field which can be used for any purpose. Gets the descriptions for a set of DoS profiles. Gets a list of Application Security sub-profiles for a list of given profiles. Adds a list of Application Security sub-profiles to given profiles. Note: Only one Application Security sub-profile can exist per profile. Removes specific Application Security sub-profiles from the specified profiles. Removes all Application Security sub-profiles from the specified profiles. Gets the Protocol DNS Security sub-profile for a list of given profiles. A Protocol DNS Security sub-profile allows you to add DNS Query Vectors to a DoS Profile for attack detection purposes. It also allows dropping of Malformed and Malicious DNS packets (and the thresholds for these drops). Note: Only one Protocol DNS Security sub-profile can exist per profile. Adds specific Protocol DNS Security sub-profiles to the specified profiles. Note: Only one Protocol DNS Security sub-profile can exist per profile. Removes specific Protocol DNS Security sub-profiles from the specified profiles. Removes all Protocol DNS Security sub-profiles from the specified profiles. Sets the trigger DoS iRule event state in Application Security. Trigger DoS iRule event specifies, when enabled, that the system activates an Application DoS iRule event. The default setting is disabled. Enable it if you have written iRules that process this event, and assigned them to a specific virtual server. Gets the trigger DoS iRule event state in Application Security. Sets the operation mode of the specified anomaly. The available operation modes are mentioned under the OperationMode enumeration. Gets the operation mode of the specified anomaly. Sets the Source IP-based client side integrity defense state in the specified anomaly. Prevention policy consisting of four methods specifies how the system handles an attack. The system begins with the first method that you enabled in this list. If the system finds this method not effective enough to stop the attack, it uses the next method that you enabled in this list. - Source IP-based client side integrity defense: Specifies, when enabled, that the system determines whether the client is a legal browser or an illegal script by sending a JavaScript challenge to each suspicious IP address and waiting for a response. (Legal browsers are able to respond, while illegal scripts cannot.) The default is disabled. - URL-based client side integrity defense - Source IP-based rate limiting - URL-based rate limiting Gets the Source IP-based client side integrity defense state in the specified anomaly. Sets the URL-based client side integrity defense state in the specified anomaly. Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy. - URL-based client side integrity defense: Specifies, when enabled, that the system determines whether the client is a legal browser or an illegal script by sending a JavaScript challenge to each suspicious URL and waiting for a response. (Legal URLs are able to respond, while illegal scripts cannot.) The default is disabled. Gets the URL-based client side integrity defense state in the specified anomaly. Sets the Source IP-based rate limiting state in the specified anomaly. Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy. - Source IP-based rate limiting: Specifies, when enabled, that the system drops transactions from suspicious IP addresses. The system allows requests from that IP address when its request rate per second is less than the legitimate history interval (before the attack started), or less than the threshold you configure in the maximum TPS. The default is enabled. Gets the Source IP-based rate limiting state in the specified anomaly. Sets the URL-based rate limiting state in the specified anomaly. Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy. - URL-based rate limiting: Specifies, when enabled, that the system drops transactions for suspicious URLs, regardless of whether the IP address is suspicious or not. The system allows requests for that URL when the request rate per second is less than the legitimate history interval (before the attack started), or less than the threshold you configure in the maximum TPS. The default is enabled. Gets the URL-based rate limiting state in the specified anomaly. Sets the TPS increase rate value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. IP detection criteria setting is only available in TPS-based anomaly. It specifies that if at least one of the following criteria is met, the system treats the IP address as an attacker. If these numbers are reached, the system prevents further attacks by limiting the number of requests per second to the history interval. The system does not return the blocking response page. Suspicious IP criteria setting is only available in Latency-based anomaly. It specifies that if at least one of the following criteria is met, the system treats the IP address as suspicious (suspects the IP address to be an attacker). If an attack was detected according to the detection criteria, IP rate limiting will be done on the suspicious IP addresses. The system prevents the attack by limiting the number of requests per second to the history interval. The system does not return the blocking response page. - TPS increase rate: Specifies that the system considers an IP address to be an attacker (or treats as suspicious) if the ratio between the transaction rate detection interval and the transaction rate history interval, for one IP address, is greater than this number. The default setting is 500 percent. - Maximum TPS - Minimum TPS Gets the TPS increase rate value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. Sets the maximum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. Please see set_ip_tps_increase_rate for more information about IP detection criteria and suspicious IP criteria. - Maximum TPS: Specifies that the system considers an IP address to be an attacker (or treats as suspicious) if the number of requests sent, per second, from an IP address is equal to or greater than this number. The default setting is 200 requests per second. Gets the maximum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. Sets the minimum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. Please see set_ip_tps_increase_rate for more information about IP detection criteria and suspicious IP criteria. - Minimum TPS: Specifies that the system considers an IP address to be an attacker (or treats as suspicious) if the detected TPS for a specific IP address equals, or is greater than, this number, and the TPS increase rate was reached. If the detected TPS is lower than this number, the system does not consider this IP address to be an attacker (or suspicious) even if the TPS increase rate was reached. The default setting is 40 transactions per second. Gets the minimum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. Sets the TPS increase rate value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. URL detection criteria setting is only available in TPS-based anomaly. It specifies that if at least one of the following criteria is met, the system treats a URL to be under attack. If these numbers are reached, the system prevents further attacks by limiting the number of requests per second to the history interval. The system does not return the blocking response page. Suspicious URL criteria setting is only available in Latency-based anomaly. It specifies that if at least one of the following criteria is met, the system treats the URL as suspicious (suspects the URL to be attacked). If an attack was detected according to the detection criteria, URL rate limiting will be done on the suspicious URLs. The system prevents the attack by limiting the number of requests per second to the history interval. The system does not return the blocking response page. - TPS increase rate: Specifies that the system considers an IP address to be an attacker (or treats as suspicious) if the ratio between the transaction rate detection interval and the transaction rate history interval, for one IP address, is greater than this number. The default setting is 500 percent. - Maximum TPS - Minimum TPS Gets the TPS increase rate value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. Sets the maximum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. Please see set_url_tps_increase_rate for more information about URL detection criteria and suspicious URL criteria. - Maximum TPS: Specifies that the system considers a URL to be under attack (or treats as suspicious) if the number of requests sent, per second, for the URL is equal to or greater than this number. The default setting is 1000 requests per second. Gets the maximum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. Sets the minimum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. Please see set_url_tps_increase_rate for more information about URL detection criteria and suspicious URL criteria. - Minimum TPS: Specifies that the system considers a URL to be under attack (or treats as suspicious) if the detected TPS for a specific URL equals, or is greater than, this number, and the TPS increase rate was reached. If the detected TPS is lower than this number, the system does not consider this URL to be under attack (or suspicious) even if the TPS increase rate was reached. The default setting is 200 transactions per second. Gets the minimum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. Sets the maximum prevention duration (in seconds) in the specified anomaly. Prevention duration specifies for how long the system prevents attacks against an attacker IP address or an attacked URL. The system prevents attacks by rejecting requests either from the attacking IP address, or for the attacked URL. - Unlimited (zero value): Specifies that after the system detects and stops a DoS attack, it performs attack prevention until it detects the end of the attack. This is the default. - Number of seconds (positive value): Specifies that after the system detects and stops a DoS attack, it performs attack prevention either for the amount of time configured here even if the system detects that the attack continues, or until the system detects the end of the attack, whichever is earlier. Gets the maximum prevention duration (in seconds) in the specified anomaly. Sets the latency increase rate value in detection criteria of Latency-based anomaly. Detection criteria setting is only available in Latency-based anomaly. It specifies the criteria under which the system considers traffic to be an attack. First, the minimum latency must be reached, and then either the latency increase rate or the maximum latency must be reached. - Latency increase rate: Specifies that the system considers traffic to be an attack if the ratio of the latency detection interval to the latency history interval, for one URL, is greater than this number. The default setting is 500 percent. - Maximum latency - Minimum latency Gets the latency increase rate value in detection criteria of Latency-based anomaly. Sets the maximum latency value in detection criteria of Latency-based anomaly. Please see set_latency_increase_rate for more information about detection criteria. - Maximum latency: Specifies that the system considers traffic to be an attack if the latency detection interval for a specific URL is greater than this number. The default setting is 10000 milliseconds. Gets the maximum latency value in detection criteria of Latency-based anomaly. Sets the minimum latency value in detection criteria of Latency-based anomaly. Please see set_latency_increase_rate for more information about detection criteria. - Minimum latency: Specifies that the system considers traffic to be an attack if the detection interval for a specific URL equals, or is greater than, this number, and at least one of the latency increase rate or maximum latency was reached. If the detection interval is lower than this number, the system does not consider this traffic to be an attack even if one of the latency increase rate or maximum latency was reached. The default setting is 200 milliseconds. Gets the minimum latency value in detection criteria of Latency-based anomaly. Gets the entire IP address whitelist of DoS profile Application Security. Adds a list of IP addresses with subnet masks to the whitelist of DoS profile Application Security. IP address whitelist specifies IP addresses, including subnet masks, that the system considers legitimate and does not examine when performing DoS prevention. Removes specific IP addresses with subnet masks from the whitelist of DoS profile Application Security. Removes the entire IP address whitelist of DoS profile Application Security. Gets the Protocol SIP Security sub-profile for a list of given profiles. Adds a list of Protocol SIP Security sub-profiles to given profiles. Note: Only one Protocol SIP Security sub-profile can exist per profile. Removes specific Protocol SIP Security sub-profiles from the specified profiles. Removes all Protocol SIP Security sub-profiles from the specified profiles. Gets all SIP Attack Vectors that are enabled for the specified Protocol SIP Security sub-profiles. Adds SIP Attack Vectors to the specified Protocol SIP Security sub-profiles. A SIP Attack Vector allows the user to enable DoS attack detection on a specific attack vector and also lets the user configure attack sensitivity (rate increase & threshold). Removes SIP Attack Vectors from the specified Protocol SIP Security sub-profiles. Removes all SIP Attack Vectors from the specified Protocol SIP Security sub-profiles. Sets the rate increase percentage for the specified SIP Attack Vectors. When the rate increases above this percentage then BIG-IP will detect the specified SIP Attack Vectors. Note: This value cannot be set below 100. Gets the rate increase percentage for the specified SIP Attack Vectors. Sets the rate threshold for the specified SIP Attack Vectors. When the rate increases above this threshold then BIG-IP will detect the specified SIP Attack Vectors. Gets the rate threshold for the specified SIP Attack Vectors. Sets the rate increase for SIP protocol errors DoS attack vector. When the rate increases above this percentage then BIG-IP will detect a protocol errors SIP DoS attack. Gets the rate increase for SIP protocol errors DoS attack vector. Sets the rate threshold for SIP protocol errors DoS attack vector. When the rate increases above this threshold then BIG-IP will detect a protocol errors SIP DoS attack. Gets the rate threshold for SIP protocol errors DoS attack vector. Sets the Protocol SIP Error Attack Detection state in Protocol SIP Security. This allows the user to configure BIG-IP to detect SIP protocol errors DoS attacks. Gets the SIP Protocol Error Attack Detection state in Protocol SIP Security. Resets the statistics for the specified SIP Attack Vectors. Note that at this time, the "vectors" argument is ignored, and statistics for all vectors are reset. Gets the statistics for all SIP Attack Vectors (of the specified Protocol SIP Security sub-profiles). Gets the statistics for the specified SIP Attack Vectors. Gets all the DNS Query Vectors for a set of Protocol DNS Security sub-profiles. Adds DNS Query Vectors to the specified Protocol DNS Security sub-profiles. Removes DNS Query Vectors from the specified Protocol DNS Security sub-profiles. Removes all DNS Query Vectors from the specified Protocol DNS Security sub-profiles. Sets the rate increase percentage for the specified DNS Query Vectors. The system calculates the rate increase percentage for a given vector by comparing the 1 minute average to the 1 hour average, and compares the result to the percentage set. If the set percentage is less than or equal to the calculated value, a DoS attack is registered. Note that this value cannot be set below 100. The attack ends when this condition is no longer true. Gets the rate increase percentage for the specified DNS Query Vectors. Sets the query vectors rate threshold for the specified DNS Query Vectors. This is the absolute number of packets per second before registering a DoS attack. Gets the query vector rate threshold for the specified DNS Query Vectors. Sets the DNS Protocol error attack rate increase for the specified Protocol DNS Security sub-profiles. This is the rate increase (as a percentage) of traffic for Malformed and Malicious DNS packets to register a DoS attack. This number is calculated by comparing the 1 minute average to the 1 hour average. Gets the DNS Protocol error attack rate increase for the specified Protocol DNS Security sub-profiles. Sets the Protocol DNS Error Attack Detection state for the specified Protocol DNS Security sub-profiles. This Determines whether or not to include Malformed and Malicious DNS packets in DoS attack detection. Gets the DNS Protocol Error Attack Detection state for the specified Protocol DNS Security sub-profiles. Resets the statistics for the specified DNS Query Vectors. Note that at this time, the "vectors" argument is ignored, and statistics for all vectors are reset. Gets the statistics for all DNS Query Vectors for the specified Protocol DNS Security sub-profiles. Gets the statistics for the specified DNS Query Vectors. Gets the DoS Network sub-profiles for the specified DoS profiles. With this sub-profile, the Layer 4 attacks are detected and actions are taken to drop the packets over the limit in one second. Adds a list of DoS Network sub-profiles for the specified DoS profiles. Note: Only one Security DoS Network sub-profile can exist per profile. Removes a list of DoS Network sub-profiles from the specified DoS profiles. Removes all DoS Network sub-profiles from the specified DoS profiles. Gets the Network Attack Vectors for the specified DoS Network sub-profiles. A Network Attack Vector allows the user to enable DoS attack detection on a specific attack vector and also lets the user configure attack sensitivity (rate limit & threshold). Adds a list of Network Attack Vectors for the specified DoS Network sub-profiles. Removes a list of Network Attack Vectors from the specified DoS Network sub-profiles. Removes all Network Attack Vectors from the specified DoS Network sub-profiles. Sets the Rate Limits for the specified Network Attack Vectors. When the incoming packet number per second for the specified Network Attack Vectors is over this limit then the system will drop all the over limit packets in this second. The limit number of incoming packets will be allowed again in the next second. Gets the Rate Limits for the specified Network Attack Vectors. Sets the Rate Thresholds for the specified Network Attack Vectors. When the incoming packet number per second for the specified Network Attack Vectors goes above this threshold then the system will detect this kind of Layer 4 attack and take the action to log. Gets the Rate Thresholds for the specified Network Attack Vectors. Resets the statistics for the specified Network Attack Vectors. Note that at this time, the "vectors" argument is ignored, and statistics for all vectors are reset. Gets the statistics for all Network Attack Vectors of the specified DoS Network sub-profiles. Gets the statistics for the specified Network Attack Vectors. Gets the version information for this interface. Gets a list of all DoS profiles. Creates the specified DoS profiles. Deletes the specified DoS profiles. Deletes all DoS profiles. Determines whether the specified DoS profiles are system profiles. A system profile is a profile pre-configured on the system, ready for use. Non-system profiles are profiles created or modified by a user. Note that if a system profile is modified, it is no longer considered a system profile. Sets the description for a set of DoS profiles. This is an arbitrary field which can be used for any purpose. Gets the descriptions for a set of DoS profiles. Gets a list of Application Security sub-profiles for a list of given profiles. Adds a list of Application Security sub-profiles to given profiles. Note: Only one Application Security sub-profile can exist per profile. Removes specific Application Security sub-profiles from the specified profiles. Removes all Application Security sub-profiles from the specified profiles. Gets the Protocol DNS Security sub-profile for a list of given profiles. A Protocol DNS Security sub-profile allows you to add DNS Query Vectors to a DoS Profile for attack detection purposes. It also allows dropping of Malformed and Malicious DNS packets (and the thresholds for these drops). Note: Only one Protocol DNS Security sub-profile can exist per profile. Adds specific Protocol DNS Security sub-profiles to the specified profiles. Note: Only one Protocol DNS Security sub-profile can exist per profile. Removes specific Protocol DNS Security sub-profiles from the specified profiles. Removes all Protocol DNS Security sub-profiles from the specified profiles. Sets the trigger DoS iRule event state in Application Security. Trigger DoS iRule event specifies, when enabled, that the system activates an Application DoS iRule event. The default setting is disabled. Enable it if you have written iRules that process this event, and assigned them to a specific virtual server. Gets the trigger DoS iRule event state in Application Security. Sets the operation mode of the specified anomaly. The available operation modes are mentioned under the OperationMode enumeration. Gets the operation mode of the specified anomaly. Sets the Source IP-based client side integrity defense state in the specified anomaly. Prevention policy consisting of four methods specifies how the system handles an attack. The system begins with the first method that you enabled in this list. If the system finds this method not effective enough to stop the attack, it uses the next method that you enabled in this list. - Source IP-based client side integrity defense: Specifies, when enabled, that the system determines whether the client is a legal browser or an illegal script by sending a JavaScript challenge to each suspicious IP address and waiting for a response. (Legal browsers are able to respond, while illegal scripts cannot.) The default is disabled. - URL-based client side integrity defense - Source IP-based rate limiting - URL-based rate limiting Gets the Source IP-based client side integrity defense state in the specified anomaly. Sets the URL-based client side integrity defense state in the specified anomaly. Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy. - URL-based client side integrity defense: Specifies, when enabled, that the system determines whether the client is a legal browser or an illegal script by sending a JavaScript challenge to each suspicious URL and waiting for a response. (Legal URLs are able to respond, while illegal scripts cannot.) The default is disabled. Gets the URL-based client side integrity defense state in the specified anomaly. Sets the Source IP-based rate limiting state in the specified anomaly. Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy. - Source IP-based rate limiting: Specifies, when enabled, that the system drops transactions from suspicious IP addresses. The system allows requests from that IP address when its request rate per second is less than the legitimate history interval (before the attack started), or less than the threshold you configure in the maximum TPS. The default is enabled. Gets the Source IP-based rate limiting state in the specified anomaly. Sets the URL-based rate limiting state in the specified anomaly. Please see set_source_ip_based_client_side_integrity_defense_state for more information about prevention policy. - URL-based rate limiting: Specifies, when enabled, that the system drops transactions for suspicious URLs, regardless of whether the IP address is suspicious or not. The system allows requests for that URL when the request rate per second is less than the legitimate history interval (before the attack started), or less than the threshold you configure in the maximum TPS. The default is enabled. Gets the URL-based rate limiting state in the specified anomaly. Sets the TPS increase rate value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. IP detection criteria setting is only available in TPS-based anomaly. It specifies that if at least one of the following criteria is met, the system treats the IP address as an attacker. If these numbers are reached, the system prevents further attacks by limiting the number of requests per second to the history interval. The system does not return the blocking response page. Suspicious IP criteria setting is only available in Latency-based anomaly. It specifies that if at least one of the following criteria is met, the system treats the IP address as suspicious (suspects the IP address to be an attacker). If an attack was detected according to the detection criteria, IP rate limiting will be done on the suspicious IP addresses. The system prevents the attack by limiting the number of requests per second to the history interval. The system does not return the blocking response page. - TPS increase rate: Specifies that the system considers an IP address to be an attacker (or treats as suspicious) if the ratio between the transaction rate detection interval and the transaction rate history interval, for one IP address, is greater than this number. The default setting is 500 percent. - Maximum TPS - Minimum TPS Gets the TPS increase rate value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. Sets the maximum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. Please see set_ip_tps_increase_rate for more information about IP detection criteria and suspicious IP criteria. - Maximum TPS: Specifies that the system considers an IP address to be an attacker (or treats as suspicious) if the number of requests sent, per second, from an IP address is equal to or greater than this number. The default setting is 200 requests per second. Gets the maximum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. Sets the minimum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. Please see set_ip_tps_increase_rate for more information about IP detection criteria and suspicious IP criteria. - Minimum TPS: Specifies that the system considers an IP address to be an attacker (or treats as suspicious) if the detected TPS for a specific IP address equals, or is greater than, this number, and the TPS increase rate was reached. If the detected TPS is lower than this number, the system does not consider this IP address to be an attacker (or suspicious) even if the TPS increase rate was reached. The default setting is 40 transactions per second. Gets the minimum TPS value in IP detection criteria (or suspicious IP criteria) of the specified anomaly. Sets the TPS increase rate value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. URL detection criteria setting is only available in TPS-based anomaly. It specifies that if at least one of the following criteria is met, the system treats a URL to be under attack. If these numbers are reached, the system prevents further attacks by limiting the number of requests per second to the history interval. The system does not return the blocking response page. Suspicious URL criteria setting is only available in Latency-based anomaly. It specifies that if at least one of the following criteria is met, the system treats the URL as suspicious (suspects the URL to be attacked). If an attack was detected according to the detection criteria, URL rate limiting will be done on the suspicious URLs. The system prevents the attack by limiting the number of requests per second to the history interval. The system does not return the blocking response page. - TPS increase rate: Specifies that the system considers an IP address to be an attacker (or treats as suspicious) if the ratio between the transaction rate detection interval and the transaction rate history interval, for one IP address, is greater than this number. The default setting is 500 percent. - Maximum TPS - Minimum TPS Gets the TPS increase rate value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. Sets the maximum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. Please see set_url_tps_increase_rate for more information about URL detection criteria and suspicious URL criteria. - Maximum TPS: Specifies that the system considers a URL to be under attack (or treats as suspicious) if the number of requests sent, per second, for the URL is equal to or greater than this number. The default setting is 1000 requests per second. Gets the maximum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. Sets the minimum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. Please see set_url_tps_increase_rate for more information about URL detection criteria and suspicious URL criteria. - Minimum TPS: Specifies that the system considers a URL to be under attack (or treats as suspicious) if the detected TPS for a specific URL equals, or is greater than, this number, and the TPS increase rate was reached. If the detected TPS is lower than this number, the system does not consider this URL to be under attack (or suspicious) even if the TPS increase rate was reached. The default setting is 200 transactions per second. Gets the minimum TPS value in URL detection criteria (or suspicious URL criteria) of the specified anomaly. Sets the maximum prevention duration (in seconds) in the specified anomaly. Prevention duration specifies for how long the system prevents attacks against an attacker IP address or an attacked URL. The system prevents attacks by rejecting requests either from the attacking IP address, or for the attacked URL. - Unlimited (zero value): Specifies that after the system detects and stops a DoS attack, it performs attack prevention until it detects the end of the attack. This is the default. - Number of seconds (positive value): Specifies that after the system detects and stops a DoS attack, it performs attack prevention either for the amount of time configured here even if the system detects that the attack continues, or until the system detects the end of the attack, whichever is earlier. Gets the maximum prevention duration (in seconds) in the specified anomaly. Sets the latency increase rate value in detection criteria of Latency-based anomaly. Detection criteria setting is only available in Latency-based anomaly. It specifies the criteria under which the system considers traffic to be an attack. First, the minimum latency must be reached, and then either the latency increase rate or the maximum latency must be reached. - Latency increase rate: Specifies that the system considers traffic to be an attack if the ratio of the latency detection interval to the latency history interval, for one URL, is greater than this number. The default setting is 500 percent. - Maximum latency - Minimum latency Gets the latency increase rate value in detection criteria of Latency-based anomaly. Sets the maximum latency value in detection criteria of Latency-based anomaly. Please see set_latency_increase_rate for more information about detection criteria. - Maximum latency: Specifies that the system considers traffic to be an attack if the latency detection interval for a specific URL is greater than this number. The default setting is 10000 milliseconds. Gets the maximum latency value in detection criteria of Latency-based anomaly. Sets the minimum latency value in detection criteria of Latency-based anomaly. Please see set_latency_increase_rate for more information about detection criteria. - Minimum latency: Specifies that the system considers traffic to be an attack if the detection interval for a specific URL equals, or is greater than, this number, and at least one of the latency increase rate or maximum latency was reached. If the detection interval is lower than this number, the system does not consider this traffic to be an attack even if one of the latency increase rate or maximum latency was reached. The default setting is 200 milliseconds. Gets the minimum latency value in detection criteria of Latency-based anomaly. Gets the entire IP address whitelist of DoS profile Application Security. Adds a list of IP addresses with subnet masks to the whitelist of DoS profile Application Security. IP address whitelist specifies IP addresses, including subnet masks, that the system considers legitimate and does not examine when performing DoS prevention. Removes specific IP addresses with subnet masks from the whitelist of DoS profile Application Security. Removes the entire IP address whitelist of DoS profile Application Security. Gets the Protocol SIP Security sub-profile for a list of given profiles. Adds a list of Protocol SIP Security sub-profiles to given profiles. Note: Only one Protocol SIP Security sub-profile can exist per profile. Removes specific Protocol SIP Security sub-profiles from the specified profiles. Removes all Protocol SIP Security sub-profiles from the specified profiles. Gets all SIP Attack Vectors that are enabled for the specified Protocol SIP Security sub-profiles. Adds SIP Attack Vectors to the specified Protocol SIP Security sub-profiles. A SIP Attack Vector allows the user to enable DoS attack detection on a specific attack vector and also lets the user configure attack sensitivity (rate increase & threshold). Removes SIP Attack Vectors from the specified Protocol SIP Security sub-profiles. Removes all SIP Attack Vectors from the specified Protocol SIP Security sub-profiles. Sets the rate increase percentage for the specified SIP Attack Vectors. When the rate increases above this percentage then BIG-IP will detect the specified SIP Attack Vectors. Note: This value cannot be set below 100. Gets the rate increase percentage for the specified SIP Attack Vectors. Sets the rate threshold for the specified SIP Attack Vectors. When the rate increases above this threshold then BIG-IP will detect the specified SIP Attack Vectors. Gets the rate threshold for the specified SIP Attack Vectors. Sets the rate increase for SIP protocol errors DoS attack vector. When the rate increases above this percentage then BIG-IP will detect a protocol errors SIP DoS attack. Gets the rate increase for SIP protocol errors DoS attack vector. Sets the rate threshold for SIP protocol errors DoS attack vector. When the rate increases above this threshold then BIG-IP will detect a protocol errors SIP DoS attack. Gets the rate threshold for SIP protocol errors DoS attack vector. Sets the Protocol SIP Error Attack Detection state in Protocol SIP Security. This allows the user to configure BIG-IP to detect SIP protocol errors DoS attacks. Gets the SIP Protocol Error Attack Detection state in Protocol SIP Security. Resets the statistics for the specified SIP Attack Vectors. Note that at this time, the "vectors" argument is ignored, and statistics for all vectors are reset. Gets the statistics for all SIP Attack Vectors (of the specified Protocol SIP Security sub-profiles). Gets the statistics for the specified SIP Attack Vectors. Gets all the DNS Query Vectors for a set of Protocol DNS Security sub-profiles. Adds DNS Query Vectors to the specified Protocol DNS Security sub-profiles. Removes DNS Query Vectors from the specified Protocol DNS Security sub-profiles. Removes all DNS Query Vectors from the specified Protocol DNS Security sub-profiles. Sets the rate increase percentage for the specified DNS Query Vectors. The system calculates the rate increase percentage for a given vector by comparing the 1 minute average to the 1 hour average, and compares the result to the percentage set. If the set percentage is less than or equal to the calculated value, a DoS attack is registered. Note that this value cannot be set below 100. The attack ends when this condition is no longer true. Gets the rate increase percentage for the specified DNS Query Vectors. Sets the query vectors rate threshold for the specified DNS Query Vectors. This is the absolute number of packets per second before registering a DoS attack. Gets the query vector rate threshold for the specified DNS Query Vectors. Sets the DNS Protocol error attack rate increase for the specified Protocol DNS Security sub-profiles. This is the rate increase (as a percentage) of traffic for Malformed and Malicious DNS packets to register a DoS attack. This number is calculated by comparing the 1 minute average to the 1 hour average. Gets the DNS Protocol error attack rate increase for the specified Protocol DNS Security sub-profiles. Sets the Protocol DNS Error Attack Detection state for the specified Protocol DNS Security sub-profiles. This Determines whether or not to include Malformed and Malicious DNS packets in DoS attack detection. Gets the DNS Protocol Error Attack Detection state for the specified Protocol DNS Security sub-profiles. Resets the statistics for the specified DNS Query Vectors. Note that at this time, the "vectors" argument is ignored, and statistics for all vectors are reset. Gets the statistics for all DNS Query Vectors for the specified Protocol DNS Security sub-profiles. Gets the statistics for the specified DNS Query Vectors. Gets the DoS Network sub-profiles for the specified DoS profiles. With this sub-profile, the Layer 4 attacks are detected and actions are taken to drop the packets over the limit in one second. Adds a list of DoS Network sub-profiles for the specified DoS profiles. Note: Only one Security DoS Network sub-profile can exist per profile. Removes a list of DoS Network sub-profiles from the specified DoS profiles. Removes all DoS Network sub-profiles from the specified DoS profiles. Gets the Network Attack Vectors for the specified DoS Network sub-profiles. A Network Attack Vector allows the user to enable DoS attack detection on a specific attack vector and also lets the user configure attack sensitivity (rate limit & threshold). Adds a list of Network Attack Vectors for the specified DoS Network sub-profiles. Removes a list of Network Attack Vectors from the specified DoS Network sub-profiles. Removes all Network Attack Vectors from the specified DoS Network sub-profiles. Sets the Rate Limits for the specified Network Attack Vectors. When the incoming packet number per second for the specified Network Attack Vectors is over this limit then the system will drop all the over limit packets in this second. The limit number of incoming packets will be allowed again in the next second. Gets the Rate Limits for the specified Network Attack Vectors. Sets the Rate Thresholds for the specified Network Attack Vectors. When the incoming packet number per second for the specified Network Attack Vectors goes above this threshold then the system will detect this kind of Layer 4 attack and take the action to log. Gets the Rate Thresholds for the specified Network Attack Vectors. Resets the statistics for the specified Network Attack Vectors. Note that at this time, the "vectors" argument is ignored, and statistics for all vectors are reset. Gets the statistics for all Network Attack Vectors of the specified DoS Network sub-profiles. Gets the statistics for the specified Network Attack Vectors. Gets the version information for this interface. The ProfileDoS interface enables you to manipulate a DoS profile. Use this interface to prevent Denial of Service (DoS) attacks. DoS profile consists of three parts (layers): Application Security, Protocol (DNS) Security and Protocol SIP Security. Each part can be enabled or disabled by means of creating or deleting the corresponding sub-profile. In Application Security you can configure: - The circumstances under which the system considers traffic to be a DoS attack. - How the system handles a DoS attack. The system considers traffic to be an Application DoS attack based on the following calculations: - Transaction rate detection interval: The average number of requests per second sent for a specific URL, or by a specific IP address. This number is calculated by the system, by default, every minute and updated every second. - Transaction rate history interval: The average number of requests per second sent for a specific URL, or by a specific IP address. This number is calculated by the system, by default, every hour and updated every minute. - Latency detection interval: The average time it takes for the system to respond to a request for a specific URL, over the last minute. This average is updated every second. - Latency history interval: The average time it takes for the system to respond to a request for a specific URL, over the last hour. This average is updated every minute. In this sub-profile you must select whether the system prevents DoS attacks based on the client side (TPS-based anomaly) or/and the server side (Latency-based anomaly). The system's DoS attack prevention works differently for every anomaly you select. - In TPS-based anomaly: If the ratio of the transaction rate detection interval to the transaction rate history interval is greater than the specific percentage you configure in this sub-profile (the TPS increase rate), the system detects the URL to be under attack, or the IP address to be attacking. In order to stop the attack, the system drops some requests from the detected IP address and/to the attacked URL. - In Latency-based anomaly: If the ratio of the transaction rate detection interval to the transaction rate history interval is greater than the specific percentage you configure in this sub-profile (the TPS increase rate), the system suspects the URL to be under attack, or the IP address to be suspicious. If the ratio of the latency detection interval to the latency history interval is greater than the specific percentage you configure in this sub-profile (the latency increase rate), the system detects that this URL is under attack. In order to stop the attack, the system drops some requests from the suspicious IP address and/or to the suspicious URL. The Protocol DNS Security sub-profile allows you to specify DNS Query Vectors to be considered for DoS attack detection. You can also select whether or not to consider Malformed and Malicious DNS packets for DoS attack detection, and configure values at which to start dropping these packets. A Protocol SIP Security sub-profile allows the user to configure SIP Attack Vectors that are to be considered for DoS attack detection. It also provides the capability to enable detection of Malformed SIP packet DoS attacks. The detection sensitivity for each of the configured DoS vectors can also be set.