@Shantanu Chaurasia,
It could make sense for you to look at the Imperva github page around mx-toolbox. @Brian Anderson also talks about some of this in a webibar he hosted several months back. Found here: GitHub Tools - Imperva API Composer.
Does this help?
---------
The SecureSphere / WAF Gateway MX-Toolbox is a general purpose repository for custom packages, integrations, and monitoring add-ons for the SecureSphere MX and Gateway appliances.
- Alerts to New Relic - Send alerts to New Relic via custom action set
- Camo CX-Discover Integration - Process CAMO classification .csv report to create table groups, and convert to json to push to S3
- ServiceNow Integration - Alert to incident, change control reconciliation audit enrichment, close-the-loop updating change requests with queries, and vulnerability assessment export to CMDB and vulnerable items in ServiceNow
- Export KRP Rules to Dataset - Export KRP rules in the siote tree to .csv and upload to data set
- Export WAF Profile Learned Hosts to CSV - Export all learned hosts in web profiles to .csv
- Export Table Groups to CSV - Export table groups to .csv
- MX WAF Security Policy Sync - Replicate and sync security policies across multiple MXs in AWS
- MX and Gateway Performance Monitoring - Output performance data (CPU, counters, network stats, disk, etc) from both MX and Gateway appliances in near real-time simultaneously to new relic, influxdb/grafana, and/or to SIEM via syslog with uniquely indexed json.
------------------------------
Christopher Detzel
Community Manager
Imperva
------------------------------
Original Message:
Sent: 11-05-2020 10:28
From: Shantanu Chaurasia
Subject: Get alert Info using API
Hi,
Has anyone used API/ scripts to pull alerts and its details from MX. If so, how?
Thanks
#On-PremisesWAF(formerlySecuresphere)
------------------------------
SC
------------------------------