In DAM Security Events/Alerts are not archived, in DAM we archive Audit data.
Assuming the traditional definition of archive - meaning storing data for long term retention. This cannot be achieved on Security events (EventIDs) and as an extension Alerts (which is nothing but similar events aggregated) both WAF and DAM .
------------------------------
Sarvesh Lad
Tech Lead @ On-Prem Managed Services (WAF, DAM, DRA & Sonar)
------------------------------
Original Message:
Sent: 09-21-2022 04:54
From: Olgerta Prendi
Subject: Archive WAF GW logs to FTP
Hi Philip,
The idea is that is done this kind of configuration and the only archived data are for DAM and not for WAF.
How can I do to extract for both?
As i mention below, for WAF we need the alerts to archive.
Kind Regards,
Olgerta
------------------------------
Olgerta Prendi
Cyber Security Specialist
S&T AG
Tirana
Original Message:
Sent: 09-20-2022 10:30
From: Philip Acton
Subject: Archive WAF GW logs to FTP
Hi Olgerta,
Can you please advise us of what logs you would like to archive from the WAF ?
It sounds like you just need to create an action set like this

https://docs.imperva.com/bundle/v14.4-waf-management-server-manager-user-guide/page/2399.htm
Let me know if that solves the issue for you.
Many thanks,
Philip
------------------------------
Philip Acton
Original Message:
Sent: 09-20-2022 09:47
From: Olgerta Prendi
Subject: Archive WAF GW logs to FTP
Hello,
The SecureSphere is in version 13.6 and DAM & WAF can be accessed from the same management.
I would like to archive logs of the WAF in a FTP Server. It must be used the same FTP as is the DAM. For DAM is configured and we can archive the data in the FTP.
How can I archive the logs in the FTP for the WAF?
Kind Regards,
Olgerta
#WAF #On-PremisesWAF(formerlySecuresphere)
#On-PremisesWAF(formerlySecuresphere)
------------------------------
Olgerta Prendi
Cyber Security Specialist
S&T AG
Tirana
------------------------------