Hello Richard,
I looked for any occurrence of PowerBI usage in cases and the knowledge base. Unfortunately, there isn't any example of it.
I have found some examples for our Cloud WAF solution (using the REST API).
I don't know the protocols used in PowerBI, but we have several options for integrating our solutions with 3rd parties.
Maybe you have tried it already, but it is a very straightforward process; let me explain it below.
First of all, you have to define Action Interfaces in Admin>System Definitions (point to the host, remove any unnecessary placeholders - determined by the SIEM admin).
1. CEF format is commonly accepted
2. LEEF format is less common, but used on occasion and we have seen it in the field
3. Syslog format is commonly accepted
4. The SIEM admin should know what format they want. If they don't, sending them events in each format can help them determine which to use.
a. Often, the SIEM admin will need to accept traffic/add the MX hostname/IP to known/authorized loggers
b. If traffic isn’t arriving at the SIEM, either the above is true or else a network issue could be preventing communication
c. TCPdump-ing the interfaces on both host (MX or gateway) and destination (SIEM) should reveal where the disconnect lies
If the logging needs to take place from the Gateways due to high volume (audit logging or security event logging), this is configured using a specific action interface (label includes “Gateway log”) and in Main>Setup>Gateways>[click on the gateway group or cluster]>In the Details tab>External Logger>Populate the desired transport method (TCP is reliable, UDP is faster, SIEM admin should determine which to use) with host information.
You may also check the documents to get an idea about it.
https://docs.imperva.com/bundle/v13.6-administration-guide/page/6785.htm
I hope it helps.
------------------------------
Orkun Utku
------------------------------
Original Message:
Sent: 01-05-2021 08:30
From: Richard Sharp
Subject: Reporting through PowerBI
Can MS PowerBI be used for more comprehensive reporting from the MX's?
Thanks for any input or advice.
Richard Sharp
#DatabaseActivityMonitoring
------------------------------
Richard Sharp
Regions Bank
Hoover AL
------------------------------
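
One way to check which of the formats named in the reply (CEF, LEEF or plain syslog) is actually arriving at the receiver, as an added example that is not part of the original thread and not Imperva code. It classifies captured lines and splits the header, including escaped pipes; the sample lines, vendor names and function names are constructed for illustration.

```python
import re

# Header fields per format; LEEF 2.0's extra delimiter field stays in the extension.
FIELDS = {
    "CEF": "version vendor product device_version event_class_id name severity".split(),
    "LEEF": "version vendor product product_version event_id".split(),
}
TAG = re.compile(r"\b(CEF|LEEF):")
PRI = re.compile(r"^<(\d{1,3})>")

# Constructed sample lines, not captured from a real MX or gateway.
SAMPLES = [
    r"<134>Jan  5 08:30:00 mx01 CEF:0|ExampleVendor|Example\|WAF|1.0|100|Audit event|5|src=192.0.2.10",
    "<134>Jan  5 08:30:00 mx01 LEEF:1.0|ExampleVendor|ExampleWAF|1.0|100|src=192.0.2.10\tsev=5",
    "<134>Jan  5 08:30:00 mx01 plain syslog message",
    "CEF:0|ExampleVendor|ExampleWAF",  # header cut short
]


def split_header(text, count):
    """Split off `count` pipe-delimited fields (escapes honoured); None if truncated."""
    fields, cur, i = [], [], 0
    while i < len(text) and len(fields) < count:
        if text[i] == "\\" and text[i + 1:i + 2] in ("|", "\\"):
            i += 1  # drop the escaping backslash, keep the escaped character
            cur.append(text[i])
        elif text[i] == "|":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(text[i])
        i += 1
    return (fields, text[i:]) if len(fields) == count else None


def classify(line):
    """Return (format, details) for one line captured at the log receiver."""
    details = {}
    pri = PRI.match(line)
    if pri:  # syslog PRI = facility * 8 + severity
        details["facility"], details["syslog_severity"] = divmod(int(pri.group(1)), 8)
    tag = TAG.search(line)
    if not tag:
        return ("syslog" if pri else "unknown", details)
    parsed = split_header(line[tag.end():].rstrip("\r\n"), len(FIELDS[tag.group(1)]))
    if parsed is None:
        return ("malformed-" + tag.group(1), details)
    details.update(zip(FIELDS[tag.group(1)], parsed[0]), extension=parsed[1])
    return (tag.group(1), details)
```

Feeding it the payloads seen in a packet capture on the destination shows whether events arrive at all and in which format, which is the question the SIEM admin has to answer before choosing an action interface.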