Imperva Cyber Community

  • 1.  ElasticSearch FileBeat

    Posted 05-12-2022 10:17
    Hi.
    I think this is more an Elasticsearch than an Imperva question, but I would like to know if anybody has worked in a similar scenario.
    We are downloading the "WAF Log Setup" from our Imperva CloudWaf daily using the "incapsula-logs-downloader" Python script provided by Imperva.
    The next step is to import those files into Elasticsearch, but it looks like the available Imperva (SecureSphere) Filebeat integration is not working for this kind of logs (as you would expect from the name of the integration).
    Is there any workaround for this situation, or any compatible Filebeat integration for Imperva CloudWaf logs? I know that one solution could be to parse the CloudWaf log in Logstash, but I would like to know if there is a simpler solution.

    Thanks!
    #CloudWAF(formerlyIncapsula)

    ------------------------------
    Ricardo Gilberto
    Security Analyst
    Ciudad de Buenos Aires
    ------------------------------


  • 2.  RE: ElasticSearch FileBeat

    Posted 05-17-2022 05:04
    Hi Ricardo,

    Thanks for your post. 
    I have raised this with some of our internal experts and they are going to do a little digging.
    Let us know if you learn anything else from your side.

    Thanks,

    ------------------------------
    Sarah Lamont(csp)
    Digital Community Manager
    ------------------------------



  • 3.  RE: ElasticSearch FileBeat

    Posted 06-22-2022 14:25
    Did you find out any information about setting up Filebeat for Imperva?

    ------------------------------
    David Gorman
    eCommerce Service Manager - GlaxoSmithKline
    ------------------------------