Define scan rate limits

You can define the rate that different types of scans are performed to balance the load in your scan queue. Conditions defined in the rate limit determine whether the rate limits will be applied to queued entries.

Before you begin

Role required: sn_ti.admin

Procedure

  1. Navigate to Threat Intelligence > Threat Scanning > Rate Limit Definitions.
  2. Click New.
  3. Fill in the fields on the form, as appropriate.
    Table 1. Rate limit definition
    Field Description
    Name Provide a descriptive name that identifies the conditions the queue entry must meet; for example, Requests per minute or IP/URL/File requests per hour.
    Queue conditions Enter conditions used to determine whether a queued scan entry should be subject to this rate limit. The conditions should not be specific to a particular scanner.
    Evaluation script Write a script with the logic needed to evaluate the queued entry. It is important that the script return true/false to define whether the entry should be processed. Additionally, the evaluation script should be based on the queued entry being evaluated.
  4. Click Submit.

Example

A sample rate limit is shown here.