资产管理

1. 登录Web应用防火墙3.0控制台。在顶部菜单栏，选择WAF实例的资源组和地域（中国内地、非中国内地）。

2. 在左侧导航栏，选择防护配置 > AI应用防护，在资产管理页面中，单击新建资产。

3. 填写匹配条件，匹配条件为必填项。用于定义需要防护的AI API接口，使WAF能根据这些条件精准识别目标流量。

   匹配字段	匹配内容
   域名	填写域名或IP地址，例如您的防护对象对应的域名为domain.com，此处填写domain.com。
   URL路径	填写API的URL路径，例如此处填写/chat/message，域名处填写domain.com，则防护的目标为domain.com/chat/message。
   HTTP请求方法	可选项：POST、GET、PUT。

4. 在提示词位置与响应内容处填写内容位置字段，使WAF能够在HTTP报文中定位到待检测的内容。需要符合JSONPath表达式。

   重要

   此处的配置将直接影响到后续防护模块的检测内容。

   • 若后续需要配置WAF同时检测用户请求与模型响应的合规性，则必须在此处同时配置提示词位置与响应内容。

   • 若后续需要配置WAF进行应答替换动作，则必须在此处配置响应内容。

   对于响应内容，您需要根据实际的业务特征对如下配置项进行勾选。

   • 非流式响应：服务器在处理完成后，一次性返回完整JSON格式响应体，客户端需等待全部数据生成完毕后才能获取结果。

   • 流式响应：服务器将响应数据分片持续推送，客户端可实时接收并处理部分结果，直至连接关闭。仅支持SSE协议。

     • 深度思考：模型在生成最终答案前，显式输出推理过程，以结构化步骤展现内在逻辑，提升结果的可解释性与准确性。

   说明

   若您不确定内容位置字段，可以参考下列示例进行判断，也可以单击输入框后的测试进行验证。

   请求提示词位置示例

   示例1

   下方的http请求body字段，提示词位置对应的JSONPath为：$.messages[0].content.parts[0]。

   {
     "action": "next",
     "messages": [{
       "id": "c86043d3-6657-4a9e-85df-a22c98666367",
       "create_time": 1742977262.085,
       "content": {
         "content_type": "text",
         "parts": ["什么是大模型提示词"]
       }
     }]
   }

   示例2

   下方的http请求body字段，用户提示词位置对应的JSONPath为：$.messages[1].content。

   {
     "model": "gpt-3.5-turbo",
     "messages": [
       {
         "role": "system",
         "content": "你是一个助手"
       },
       {
         "role": "user",
         "content": "帮我写一封感谢信"
       }
     ],
     "temperature": 0.7
   }

   示例3

   下方的http请求body字段，最后一轮的用户提示词位置对应的JSONPath为：$.messages[-1].content。

   {
     "messages": [
       {
         "role": "user",
         "content": "解释一下神经网络"
       },
       {
         "role": "assistant",
         "content": "神经网络是一种模拟人脑结构的计算模型..."
       },
       {
         "role": "user",
         "content": "那Transformer呢？"
       }
     ]
   }

   响应内容位置示例

   非流式响应

   下方的http响应body字段，响应内容位置对应的JSONPath为：$.choices[0].message.content。

   {
     "choices": [
       {
         "message": {
           "role": "assistant",
           "content": "大模型提示词是引导模型生成特定输出的输入文本。"
         }
       }
     ]
   }

   流式响应

   下方的http响应body字段，共有5个内容分片，每个分片的内容路径对应的JSONPath为：$.answer。

     data: {"event": "message", "message_id": "5adxxx6290", "conversation_id": "457xxx55f2", "answer": "很", "created_at": 1679586595}
     data: {"event": "message", "message_id": "5adxxx6290", "conversation_id": "457xxx55f2", "answer": "高兴", "created_at": 1679586595}
     data: {"event": "message", "message_id": "5adxxx6290", "conversation_id": "457xxx55f2", "answer": "见", "created_at": 1679586595}
     data: {"event": "message", "message_id": "5adxxx6290", "conversation_id": "457xxx55f2", "answer": "到", "created_at": 1679586595}
     data: {"event": "message", "message_id" : "5adxxx6290", "conversation_id": "457xxx55f2", "answer": "你", "created_at": 1679586595}
     data: {"event": "message_end", "id": "5adxxx6290", "conversation_id": "457xxx55f2", "metadata": {} }

   深度思考

   下方的http响应body字段，深度思考位置对应的JSONPath为：$.choices[0].delta.reasoning_content。

   data: {"choices":[{"delta":{"content":null,"role":"assistant","reasoning_content":""},"index":0,"logprobs":null,"finish_reason":null}],"object":"chat.completion.chunk","usage":null,"created":1758787252,"system_fingerprint":null,"model":"deepseek-v3.1","id":"chatcmpl-xxx-e30c1"}
   data: {"choices":[{"finish_reason":null,"logprobs":null,"delta":{"content":null,"reasoning_content":"唔"},"index":0}],"object":"chat.completion.chunk","usage":null,"created":1758787252,"system_fingerprint":null,"model":"deepseek-v3.1","id":"chatcmpl-xxx-e30c1"}
   data: {"choices":[{"delta":{"content":null,"reasoning_content":"，用户"},"finish_reason":null,"index":0,"logprobs":null}],"object":"chat.completion.chunk","usage":null,"created":1758787252,"system_fingerprint":null,"model":"deepseek-v3.1","id":"chatcmpl-xxx-e30c1"}
   data: {"choices":[{"delta":{"content":null,"reasoning_content":"问了一个"},"finish_reason":null,"index":0,"logprobs":null}],"object":"chat.completion.chunk","usage":null,"created":1758787252,"system_fingerprint":null,"model":"deepseek-v3.1","id":"chatcmpl-xxx-e30c1"}
   data: {"choices":[{"delta":{"content":null,"reasoning_content":"基础的"},"finish_reason":null,"index":0,"logprobs":null}],"object":"chat.completion.chunk","usage":null,"created":1758787252,"system_fingerprint":null,"model":"deepseek-v3.1","id":"chatcmpl-xxx-e30c1"}
   data: {"choices":[{"delta":{"content":null,"reasoning_content":"自我介绍问题。"},"finish_reason":null,"index":0,"logprobs":null}],"object":"chat.completion.chunk","usage":null,"created":1758787252,"system_fingerprint":null,"model":"deepseek-v3.1","id":"chatcmpl-xxx-e30c1"}
   data: {"choices":[{"delta":{"content":"我是DeepSeek","reasoning_content":null},"finish_reason":null,"index":0,"logprobs":null}],"object":"chat.completion.chunk","usage":null,"created":1758787252,"system_fingerprint":null,"model":"deepseek-v3.1","id":"chatcmpl-xxx-e30c1"}
   data: {"choices":[{"delta":{"content":"有什么","reasoning_content":null},"finish_reason":null,"index":0,"logprobs":null}],"object":"chat.completion.chunk","usage":null,"created":1758787252,"system_fingerprint":null,"model":"deepseek-v3.1","id":"chatcmpl-xxx-e30c1"}
   data: {"choices":[{"delta":{"content":"可以","reasoning_content":null},"finish_reason":null,"index":0,"logprobs":null}],"object":"chat.completion.chunk","usage":null,"created":1758787252,"system_fingerprint":null,"model":"deepseek-v3.1","id":"chatcmpl-xxx-e30c1"}
   data: {"choices":[{"delta":{"content":"帮你","reasoning_content":null},"finish_reason":null,"index":0,"logprobs":null}],"object":"chat.completion.chunk","usage":null,"created":1758787252,"system_fingerprint":null,"model":"deepseek-v3.1","id":"chatcmpl-xxx-e30c1"}
   data: {"choices":[{"finish_reason":"stop","delta":{"content":"的吗？"},"index":0,"logprobs":null}],"object":"chat.completion.chunk","usage":null,"created":1758787252,"system_fingerprint":null,"model":"deepseek-v3.1","id":"chatcmpl-xxx-e30c1"}
   data: [DONE]

5. 设置关联防护对象，每个资产只能关联一个防护对象。

在资产管理页面，可查看并管理当前已创建的资产，如下图所示：

• 查看资产：在防护状态栏查看资产已配置的防护，若未配置任何防护，则显示未防护。

• 编辑资产：通过单击操作列的编辑，对已创建资产的提示词位置与响应内容进行修改。

• 删除资产：通过单击操作列的删除，删除已创建的资产，资产被删除后不会受到任何防护。