Device Details
|
Device Name |
Imperva Securesphere |
|---|---|
|
Vendor |
Imperva |
|
Device Type |
Database Audit |
|
Supported Model Name/Number |
N/A |
|
Supported Software Version |
N/A |
|
Collection Method |
Syslog |
|
Configurable Log Output |
N/A |
|
Log Source Type |
Syslog - Imperva Securesphere |
|
Log Processing Policy |
LogRhythm Default V 2.0 |
|
Exceptions |
N/A |
|
Additional Information |
https://docs.imperva.com/bundle/v14.4-web-application-firewall-user-guide/page/3682.htm |
Supported Log Messages
(List of LR tags used to parse the log information for each message type)
|
Type |
Product Version |
Supported Schema Fields |
|---|---|---|
|
V 2.0: Database Audit Events |
N/A |
<version>, <vmid>, <severity>, <dip>, <dport>, <account>, <sip>, <sport>, <protname>, <subject>, <group>, <objecttype>, <vendorinfo>, <tag1>, <result>, <tag2>, <process>, <login>, <sname>, <object>, <command>, <reason> |
|
V 2.0: Security Events |
N/A |
<version>, <vmid>, <subject>, <tag1>, <severity>, <action>, <tag2>, <command>, <dip>, <dport>, <account>, <domainimpacted>, <sip>, <sport>, <protname>, <objecttype>, <policy>, <group>, <process>, <object>, <result>, <tag5>, <status>, <url>, <responsecode>, <session> |
|
V 2.0: System Events |
N/A |
<version>, <vmid>, <tag1>, <subject>, <tag2>, <sip>, <sname>, <action>, <policy>, <status>, <severity>, <login>, <objecttype> |
|
V 2.0: Catch-All |
N/A |
<severity>, <tag1> |
Revision History
|
KB Version |
Log Type |
Change Type |
Details |
|---|---|---|---|
|
KB 7.1.681.0 |
Syslog - Imperva Securesphere |
New Log Source Optimization (LSO) policy: LogRhythm Default v2.0 |
Optimized new log processing policy for Syslog - Imperva Securesphere |