Hi.
I think this is more an Elasticsearch than an Imperva question, but I just want to know if anybody has worked in a similar scenario.
We are downloading the "WAF Log Setup" from our Imperva CloudWAF daily using the "incapsula-logs-downloader" Python script provided by Imperva.
The next step is to import those files into Elasticsearch, but it looks like the available Imperva (SecureSphere) Filebeat integration is not working for this kind of logs (as you would expect by the name of the integrator).
Is there any workaround for this situation, or any compatible Filebeat integration for Imperva CloudWAF logs? I know that one solution could be to parse the CloudWAF log in Logstash, but I just want to know if there is a simpler solution.
Thanks!
#CloudWAF(formerlyIncapsula)
------------------------------
Ricardo Gilberto
Analista Seguridad
Ciudad de Buenos Aires
------------------------------