If you want to disable attack detection for a specific API, tune the user threshold to a
maximum value. This follows the same process as changing the attack threshold and sets the
user-generated normal threshold value to the maximum for the attack type (refer to
Threshold range for Tn and Tx - Not in use for 5.1
for a list of maximum values). When the normal threshold is set to maximum, the
machine learning system will not generate attacks based on that variable. All other
variables continue to operate in either system
or user
mode.
You can also disable or enable an attack ID globally by using the
attackstatus
REST API. For more information, see Enable or disable attack IDs.