Application Firewall - Field Consistency Versus Field Format Check

Article ID: CTX200102

Description

The Field Consistency Check ensures that the form a user submits has not been altered and is identical to the one the server sent. A violation should therefore only be triggered when a form that was sent by the server comes back with a field missing, a field altered, or a new field added. The violation is also triggered if the hidden form tag that the Application Firewall inserts into the form is tampered with, or if the submitted input exceeds the maxlength attribute specified on the HTML form the server sent. Browsers generally enforce this limit and do not allow more than maxlength characters to be typed into the input field; however, a user can submit the form, edit the field values in the URL (where a form submitted with GET carries them) and resubmit, and any client that crafts the request directly is not bound by the browser's limit at all. The Application Firewall detects and blocks such tampering.
If field consistency violations are triggered for every field in a form, one likely cause is that the form was never sent by the server but was generated on the client side with JavaScript. The Application Firewall has not seen the form's content in that case, so it has nothing to compare the submission against, and every submitted field triggers a field consistency violation.

The Field Format Check, by contrast, controls what input is acceptable in each field of the form. For example, if you have a password field in which you want to allow any characters (alphabetic, numeric, special characters and so on) but require the input to be at least 8 and at most 20 characters long, select an appropriate default field type, or create a custom field type consisting of only the characters that are allowed, set the password field to this type, and specify the minimum and maximum length.
Another field on the same form may have a different set of input requirements and is configured accordingly. Field format rules are therefore restrictive: you can select a default field type with a minimum and maximum length that every field must conform to (the allowed regular expression and the length limits), or you can add field-specific rules for a subset of the form fields that specify their allowed input and the minimum and maximum number of acceptable characters.
Note that once you have specified a default field type and min/max limit, each and every submitted form field that has no rule of its own is required to conform to them. A field left blank may therefore trigger a Field Format violation if the minimum length is greater than zero or the field type's pattern does not match an empty value.
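The following Python model, added here as an illustration and not code from the article or from the Application Firewall itself, makes the difference between the two checks concrete. The consistency check needs the form the server sent (here parsed from a constructed HTML snippet) and compares the submission against it: missing fields, added fields, an altered hidden value and a value longer than the form's maxlength are reported, and a submission for a form the proxy never saw (the client-side JavaScript case) reports every field as added. The format check needs no knowledge of the sent form; it applies a default field type and length limits to every field and lets a field-specific rule override them, which is how a blank field or an unexpected character ends up as a violation. The field type names, regular expressions, rule structures and sample values are all constructed for this example and are not the appliance's built-in definitions.

```python
"""Toy model of the Application Firewall's Field Consistency and Field Format checks.

Constructed example: field types, rule shapes and sample forms are assumptions,
not the appliance's actual implementation or built-in field-type list.
"""
import re
from dataclasses import dataclass
from html.parser import HTMLParser
from typing import Dict, List, Optional, Tuple

Violation = Tuple[str, str]  # (kind, field name)


@dataclass
class SentField:
    """One <input> as the server sent it."""
    name: str
    ftype: str = "text"
    value: str = ""
    maxlength: Optional[int] = None


class FormExtractor(HTMLParser):
    """Records the fields of the form the server sent; this is what the
    consistency check later compares the submission against."""

    def __init__(self) -> None:
        super().__init__()
        self.fields: Dict[str, SentField] = {}

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        a = dict(attrs)
        name = a.get("name")
        if not name:
            return
        ml = a.get("maxlength")
        self.fields[name] = SentField(
            name, a.get("type") or "text", a.get("value") or "",
            int(ml) if ml else None)


def record_form(html: str) -> Dict[str, SentField]:
    p = FormExtractor()
    p.feed(html)
    return p.fields


def field_consistency_check(sent: Dict[str, SentField],
                            submitted: Dict[str, str]) -> List[Violation]:
    """Field Consistency: the submission must match the form the server sent.
    Hidden-field values are treated as fixed by the server (assumption)."""
    violations: List[Violation] = []
    for name, f in sent.items():
        if name not in submitted:
            violations.append(("missing", name))
            continue
        value = submitted[name]
        if f.ftype == "hidden" and value != f.value:
            violations.append(("altered", name))
        # The browser enforces maxlength; a crafted request does not.
        if f.maxlength is not None and len(value) > f.maxlength:
            violations.append(("maxlength", name))
    for name in submitted:
        if name not in sent:  # includes every field of a form never seen
            violations.append(("added", name))
    return violations


# Constructed field types: regex that the whole value must match.
FIELD_TYPES = {
    "integer": r"-?[0-9]+",
    "alpha": r"[A-Za-z]+",
    "alphanum": r"[A-Za-z0-9]+",
    "any": r"[\s\S]*",
}


@dataclass
class FormatRule:
    ftype: str
    min_len: int
    max_len: int


def field_format_check(submitted: Dict[str, str], default: FormatRule,
                       rules: Optional[Dict[str, FormatRule]] = None) -> List[Violation]:
    """Field Format: every field must satisfy the default rule unless a
    field-specific rule overrides it. Needs no knowledge of the sent form."""
    rules = rules or {}
    violations: List[Violation] = []
    for name, value in submitted.items():
        rule = rules.get(name, default)
        if not rule.min_len <= len(value) <= rule.max_len:
            violations.append(("length", name))  # a blank field fails here
        elif not re.fullmatch(FIELD_TYPES[rule.ftype], value):
            violations.append(("type", name))
    return violations


# Constructed sample data.
SERVER_FORM = """<form action="/login" method="post">
<input type="hidden" name="csrf" value="ab12">
<input type="text" name="user" maxlength="8">
<input type="password" name="pass">
</form>"""
TAMPERED = {"csrf": "zz99", "user": "averylongusername",
            "pass": "hunter22", "isadmin": "1"}
DEFAULT_RULE = FormatRule("alphanum", 1, 20)
RULES = {"pass": FormatRule("any", 8, 20)}  # password may hold any character

if __name__ == "__main__":
    print(field_consistency_check(record_form(SERVER_FORM), TAMPERED))
    print(field_format_check({"user": "", "pass": "hunter2!"}, DEFAULT_RULE, RULES))
```

Running the block reports the altered hidden field, the over-long user name and the injected isadmin field from the consistency check, and a length violation for the blank user field from the format check while the exception rule lets the special character in the password through.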
