Syslog - Imperva Securesphere
Device Details
Device Name | Imperva Securesphere |
---|---|
Vendor | Imperva |
Device Type | Database Audit |
Supported Model Name/Number | N/A |
Supported Software Version | N/A |
Collection Method | Syslog |
Configurable Log Output | N/A |
Log Source Type | Syslog - Imperva Securesphere |
Log Processing Policy | LogRhythm Default V 2.0 |
Exceptions | N/A |
Additional Information | https://docs.imperva.com/bundle/v14.4-web-application-firewall-user-guide/page/3682.htm |
Supported Log Messages
(List of LogRhythm tags used to parse the log information for each message type)
Type | Product Version | Supported Schema Fields |
---|---|---|
V 2.0: Database Audit Events | N/A | <version>, <vmid>, <severity>, <dip>, <dport>, <account>, <sip>, <sport>, <protname>, <subject>, <group>, <objecttype>, <vendorinfo>, <tag1>, <result>, <tag2>, <process>, <login>, <sname>, <object>, <command>, <reason> |
V 2.0: Security Events | N/A | <version>, <vmid>, <subject>, <tag1>, <severity>, <action>, <tag2>, <command>, <dip>, <dport>, <account>, <domainimpacted>, <sip>, <sport>, <protname>, <objecttype>, <policy>, <group>, <process>, <object>, <result>, <tag5> |
V 2.0: System Events | N/A | <version>, <vmid>, <tag1>, <subject>, <tag2>, <sip>, <sname>, <action>, <policy>, <status>, <severity>, <login>, <objecttype> |
V 2.0: Catch-All | N/A | <severity>, <tag1> |
Revision History
KB Version | Log Type | Change Type | Details |
---|---|---|---|
KB 7.1.681.0 | Syslog - Imperva Securesphere | New Log Source Optimization (LSO) policy: LogRhythm Default v2.0 | Optimized new log processing policy for Syslog - Imperva Securesphere |