Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  Imperva Cloud WAF logs to ON premise SIEM

    Posted 07-06-2024 12:08

    Hello Everyone 

    I am trying to get logs from Imperva WAF to our on premise Syslog server which will ingest to SIEM .  Running the python script is failing and is not able to find Settings.Config file , which is there at the prescribed location. Provided documentation in GitHub does not provide any solution . Is it related to any permissions , though I checked it by changing ownership  and all but of no use 

    Can someone help ?


    #CloudWAF(formerlyIncapsula)

    ------------------------------
    Arpit Sharma
    Principal Data Security Engineer
    DFC Global Corp.
    Berwyn PA
    ------------------------------


  • 2.  RE: Imperva Cloud WAF logs to ON premise SIEM

    Posted 07-17-2024 08:45

    Good Morning

    Hi Arpit how are you?

    I believe that now you probably fixed it but the Settings.Config can find it on WAF:

    Download it and put (I normally ask to customer to let together with python's folder), on your Collector.

    Good Luck



    ------------------------------
    Roberto Junior
    Technical User
    ETEK Novared Brasil Ltda
    São Paulo
    ------------------------------



  • 3.  RE: Imperva Cloud WAF logs to ON premise SIEM

    Posted 07-17-2024 11:18

    Hello Roberto

    The settinsgs.config file  is already downloaded and copied to /etc/incapsula/logs/config loaction (which is default) ..But still it gives this error message 



    ------------------------------
    Arpit Sharma
    Principal Data Security Engineer
    DFC Global Corp.
    Berwyn PA
    ------------------------------