Lookups for the Splunk Add-on for Imperva SecureSphere WAF
The Splunk Add-on for Imperva SecureSphere WAF has the following lookups. The lookup files map fields from Imperva systems to CIM-compliant values in the Splunk platform. The lookup files are located in
$SPLUNK_HOME/etc/apps/Splunk_TA_imperva-waf/lookups
.
Filename | Description |
---|---|
imperva_waf_actions.csv
|
maps the vendor_action field to a CIM-compliant action value.
|
imperva_waf_severity.csv
|
Maps the raw_severity field to a CIM-compliant severity value.
|
Source types for the Splunk Add-on for Imperva SecureSphere WAF | Troubleshoot the Splunk Add-on for Imperva SecureSphere WAF |
This documentation applies to the following versions of Splunk® Supported Add-ons: released
Feedback submitted, thanks!