Skip main navigation (Press Enter).

Imperva Cyber Community

View Only

Back to discussions

Expand all | Collapse all

policy violation files are getting stuck in the sonar_alerts directory and not getting ingested by DSF Hub

Mike Whalen09-25-2025 11:27

Our gateway server normally sends files to our DSF Hub for ingestion. Recently something happened (possbily ...

Revan Garlapati10-10-2025 09:17

could you please clearly explain like are you talking about the audit data send to DSF ( action) this ...

1. policy violation files are getting stuck in the sonar_alerts directory and not getting ingested by DSF Hub

Like
Mike Whalen
Posted 09-25-2025 11:27
Our gateway server normally sends files to our DSF Hub for ingestion. Recently something happened (possbily upgrade to 4.19 on DSF Hub) that caused violation... bson files in the sonar_alerts directory to not be moved. Is there a way to manually move these files for DSF Hub ingestion?

#DatabaseActivityMonitoring

------------------------------
Mike Whalen
Sr. Analyst, Distributed DB Security
Lincoln Financial Group
Radnor PA
------------------------------
2. RE: policy violation files are getting stuck in the sonar_alerts directory and not getting ingested by DSF Hub

Like
Revan Garlapati
Posted 10-10-2025 09:17
Edited by Revan Garlapati 10-10-2025 09:20
could you please clearly explain like are you talking about the audit data send to DSF ( action) this uses token based authorization and the port 8443 for communication ? or the manual scp data of your custom report like system events, agents report , etc ?

if you are looking for only security violation once check if this checkbox enabled in MX .

login to MX-> Admin-> system definitions->gateway settings -> Security Alerts Settings- > Send all DB security alerts to DSF Hub

------------------------------
Rev1
------------------------------

Powered by Higher Logic

Global message icon