Imperva Cyber Community


Does the policy "Counterbreach for Database - All events" include all the audit events, or does it include only specific events?

  • 1.  Does the policy "Counterbreach for Database - All events" include all the audit events, or does it include only specific events?

    Posted 06-21-2023 07:12

    I need to send the audit logs to a SIEM. I thought of sending the logs that match only the policy "Counterbreach for Database - All events", hoping that it would ship all the events. Am I correct?

    Is the policy "Counterbreach for Database - login Logouts" a subset of "Counterbreach for Database - All events"?


    Note: This is for archival purposes only.


    #DatabaseActivityMonitoring

    ------------------------------
    JothiRam
    ------------------------------


  • 2.  RE: Does the policy "Counterbreach for Database - All events" include all the audit events, or does it include only specific events?

    Posted 06-22-2023 07:15

    Hi JothiRam,

    To send audit logs to a SIEM, use this article: https://docs.imperva.com/bundle/v14.7-database-activity-monitoring-user-guide/page/1656.htm

    You mentioned that both policies are mainly used to send Imperva DAM audit data into Data Risk Analysis (DRA).



    ------------------------------
    Regards,
    Mitesh Mehta
    Senior Security Consultant
    Mumbai
    ------------------------------



  • 3.  RE: Does the policy "Counterbreach for Database - All events" include all the audit events, or does it include only specific events?

    Posted 06-22-2023 07:37

    Mitesh,

    Many thanks for your response. So there is no ADC policy that captures all events for compliance purposes. 



    ------------------------------
    JothiRam
    ------------------------------



  • 4.  RE: Does the policy "Counterbreach for Database - All events" include all the audit events, or does it include only specific events?

    Posted 06-22-2023 08:05

    Hi Jothiram,

    In DAM, monitoring for 'security and compliance policy is done in separate but parallel channels'.

    SecureSphere delivers predefined policies that provide you with the ability to prove that your organization is compliant. For further information, please go through this article: https://docs.imperva.com/bundle/v14.7-database-activity-monitoring-user-guide/page/1170.htm



    ------------------------------
    Regards,
    Mitesh Mehta
    Senior Security Consultant
    Mumbai
    ------------------------------