This is the multi-page printable view of this section. Click here to print.
Imperva
- 1: Incapsula
- 2: SecureSphere
1 - Incapsula
Incapsula: Cloud-based WAF, DDoS protection, and bot mitigation service for securing web applications and APIs.
To onboard such a source to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | imperva |
| product | incapsula |
| format | cef |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype, source, and index settings:
| sourcetype | source | index |
|---|---|---|
| cef | Imperva:Incapsula | netwaf |
Sending data to Google SecOps
When sending the data collected from this source to a dynamic Google SecOps destination, Axoflow sets the following log type: IMPERVA_CEF.
2 - SecureSphere
SecureSphere: Provides on-prem web application, database, and file security with granular activity monitoring.
To onboard such a source to Axoflow, complete the generic appliance onboarding steps.
Labels
Axoflow automatically adds the following labels to data collected from this source:
| label | value |
|---|---|
| vendor | imperva |
| product | securesphere |
| format | cef |
Sending data to Splunk
When sending the data collected from this source to Splunk, Axoflow uses the following sourcetype, source, and index settings:
| sourcetype | index |
|---|---|
| imperva:waf:firewall:cef | netwaf |
| imperva:waf:security:cef | netwaf |
| imperva:waf | netwaf |
Sending data to Google SecOps
When sending the data collected from this source to a dynamic Google SecOps destination, Axoflow sets the following log type: IMPERVA_SECURESPHERE.