Imperva Cyber Community

  • 1.  ElasticSearch FileBeat

    Posted 10 days ago
    Hi.
    I think this is more an Elasticsearch than an Imperva question, but just to know if anybody worked in a similar scenario.
    We are downloading the "WAF Log Setup" from our Imperva CloudWaf daily using the "incapsula-logs-downloader" Python script provided by Imperva.
    The next step is to import those files into Elasticsearch, but it looks like the available Imperva (SecureSphere) Filebeat integration is not working for this kind of logs (as you would expect by the name of the integrator).
    Any workaround for this situation, any compatible Filebeat integration for Imperva CloudWaf logs? I know that one solution could be to parse the CloudWaf log in Logstash, but just to know if there is a simpler solution.

    Thanks!
    #CloudWAF(formerlyIncapsula)

    ------------------------------
    Ricardo Gilberto
    Analista Seguridad
    Ciudad de Buenos Aires
    ------------------------------


  • 2.  RE: ElasticSearch FileBeat

    Community Manager
    Posted 5 days ago
    Hi Ricardo,

    Thanks for your post. 
    I have raised this with some of our internal experts and they are going to do a little digging.
    Let us know if you learn anything else from your side.

    Thanks,

    ------------------------------
    Sarah Lamont(csp)
    Digital Community Manager
    ------------------------------