Splunk® Supported Add-ons

Splunk Add-on for Imperva SecureSphere WAF

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Configure Imperva SecureSphere WAF to send data to the Splunk Add-on for Imperva SecureSphere WAF

To enable the Splunk Add-on for Imperva SecureSphere WAF to collect data from Imperva SecureSphere WAF, you configure Imperva SecureSphere WAF to produce syslog output with an output format of "default" or "splunk" and push it to the data collection node of your Splunk platform installation.

Splunk recommends that you use Splunk Connect for Syslog (SC4S) to collect Syslog data, see the SC4S documentation at https://splunk-connect-for-syslog.readthedocs.io/en/master/sources/Imperva/

The Common Event Format (CEF) is the default format for data. For information on configuring the CEF log format, see the Imperva docs at https://www.imperva.com.

Next, configure your data collection node to receive data from Imperva SecureSphere WAF as described in "Configure inputs for the Splunk Add-on for Imperva SecureSphere WAF".

Last modified on 21 July, 2021
PREVIOUS
Install the Splunk Add-on for Imperva SecureSphere WAF
  NEXT
Configure inputs for the Splunk Add-on for Imperva SecureSphere WAF

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters