From 720ee2824c9dcf49fd87994562b47b9591d615aa Mon Sep 17 00:00:00 2001
From: Venktesh Shivam Patel <ve.patel@f5.com>
Date: Mon, 26 Sep 2022 17:47:04 +0100
Subject: [PATCH] Change AppProtect warning message (#3096)

---
 tests/suite/test_app_protect_integration.py  | 6 ++++--
 tests/suite/test_app_protect_waf_policies.py | 5 ++++-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/tests/suite/test_app_protect_integration.py b/tests/suite/test_app_protect_integration.py
index 3fbab531dc..c76a415fde 100644
--- a/tests/suite/test_app_protect_integration.py
+++ b/tests/suite/test_app_protect_integration.py
@@ -390,14 +390,16 @@ def test_ap_multi_sec_logs(
         assert_invalid_responses(response)
         # check logs in dest. #1 i.e. syslog server #1
         assert (
-            'ASM:attack_type="Non-browser Client,Abuse of Functionality,Cross Site Scripting (XSS)"' in log_contents
+            'ASM:attack_type="Non-browser Client,Abuse of Functionality,Cross Site Scripting (XSS),Other Application Activity"'
+            in log_contents
             and 'severity="Critical"' in log_contents
             and 'request_status="blocked"' in log_contents
             and 'outcome="REJECTED"' in log_contents
         )
         # check logs in dest. #2 i.e. syslog server #2
         assert (
-            'ASM:attack_type="Non-browser Client,Abuse of Functionality,Cross Site Scripting (XSS)"' in log2_contents
+            'ASM:attack_type="Non-browser Client,Abuse of Functionality,Cross Site Scripting (XSS),Other Application Activity"'
+            in log2_contents
             and 'severity="Critical"' in log2_contents
             and 'request_status="blocked"' in log2_contents
             and 'outcome="REJECTED"' in log2_contents
diff --git a/tests/suite/test_app_protect_waf_policies.py b/tests/suite/test_app_protect_waf_policies.py
index cac1454607..1f34c76cfa 100644
--- a/tests/suite/test_app_protect_waf_policies.py
+++ b/tests/suite/test_app_protect_waf_policies.py
@@ -367,7 +367,10 @@ def test_ap_waf_policy_multi_logs(
 
         assert_invalid_responses(response)
 
-        assert f'ASM:attack_type="Non-browser Client,Abuse of Functionality,Cross Site Scripting (XSS)"' in log_contents
+        assert (
+            f'ASM:attack_type="Non-browser Client,Abuse of Functionality,Cross Site Scripting (XSS),Other Application Activity"'
+            in log_contents
+        )
         assert f'severity="Critical"' in log_contents
         assert f'request_status="blocked"' in log_contents
         assert f'outcome="REJECTED"' in log_contents