Imperva Cyber Community

Where does data security fabric (DSF/ Sonar) log for example: 

• changes to system critical functions / configurations, 
• changes in policies of any type,
• changes in workflow,
• changes in access / authorizations. 

We know exactly where this listed or presented to us in DAM and we can setup action sets to send these alerts to our SIEM, so where is this available in DSF?
I'm aware of things like Monitoring Audit Policy History, which shows me the history but I'm asking about instant notification of changes.  Events and alerts written to an audit.log file etc.

#DatabaseActivityMonitoring
#jSonar

------------------------------
Albert Wong
Sr Security Engineer
Mufg Union Bank, National Association
San Francisco CA
------------------------------

https://docs.imperva.com/bundle/v4.19-sonar-admin-guide/page/80197.htm

Please see this link to stream the data from DSF Hub to your SIEM.

------------------------------
Nikhil Maini
------------------------------

Original Message:
Sent: 04-11-2025 16:21
From: Albert Wong
Subject: Is there a centralized logging location for DSF / Sonar Hub system (and other) changes and how to extract them.

Where does data security fabric (DSF/ Sonar) log for example: 

• changes to system critical functions / configurations, 
• changes in policies of any type,
• changes in workflow,
• changes in access / authorizations. 

We know exactly where this listed or presented to us in DAM and we can setup action sets to send these alerts to our SIEM, so where is this available in DSF?
I'm aware of things like Monitoring Audit Policy History, which shows me the history but I'm asking about instant notification of changes.  Events and alerts written to an audit.log file etc.

#DatabaseActivityMonitoring
#jSonar

------------------------------
Albert Wong
Sr Security Engineer
Mufg Union Bank, National Association
San Francisco CA
------------------------------