Imperva Cyber Community

Expand all | Collapse all

Get alert Info using API

  • 1.  Get alert Info using API

    Posted 29 days ago

    Has anyone used API/ scripts to pull alerts and its details from MX. If so, how?



  • 2.  RE: Get alert Info using API

    Community Manager
    Posted 25 days ago

    @Shantanu Chaurasia

    It could make sense for you to look at the Imperva github page around mx-toolbox​@Brian Anderson also talks about some of this in a webibar he hosted several months back. Found here: GitHub Tools - Imperva API Composer.  

    Does this help? 

    The SecureSphere / WAF Gateway  MX-Toolbox is a general purpose repository for custom packages, integrations, and monitoring add-ons for the SecureSphere MX and Gateway appliances.

    1. Alerts to New Relic - Send alerts to New Relic via custom action set
    2. Camo CX-Discover Integration - Process CAMO classification .csv report to create table groups, and convert to json to push to S3
    3. ServiceNow Integration - Alert to incident, change control reconciliation audit enrichment, close-the-loop updating change requests with queries, and vulnerability assessment export to CMDB and vulnerable items in ServiceNow
    4. Export KRP Rules to Dataset - Export KRP rules in the siote tree to .csv and upload to data set
    5. Export WAF Profile Learned Hosts to CSV - Export all learned hosts in web profiles to .csv
    6. Export Table Groups to CSV - Export table groups to .csv
    7. MX WAF Security Policy Sync - Replicate and sync security policies across multiple MXs in AWS
    8. MX and Gateway Performance Monitoring - Output performance data (CPU, counters, network stats, disk, etc) from both MX and Gateway appliances in near real-time simultaneously to new relic, influxdb/grafana, and/or to SIEM via syslog with uniquely indexed json.

    Christopher Detzel
    Community Manager

  • 3.  RE: Get alert Info using API

    Imperva Employee
    Posted 24 days ago
    @Shantanu Chaurasia
    You could use SecureSphere API to pull alert details.

    John Andra

  • 4.  RE: Get alert Info using API

    Posted 22 days ago
    Thanks Christopher and John, I will try these.