Imperva Cyber Community

communities_1.jpg
 View Only

  • 1.  Audit Archive Settings

    Posted 02-20-2023 09:39

    Good day dear All

    i need help

    can't find Audit Archive Settings (Setup > Gateways > Gateway Details > Audit Archive Settings).

    screen

    #AllImperva

    ------------------------------
    Evgenii Khon
    IT – Security Officer
    Demir Kyrgyz International Bank CJSC
    Bishkek
    ------------------------------


  • 2.  RE: Audit Archive Settings
    Best Answer

    Posted 02-20-2023 17:00
    Edited by Evgenii Khon 02-21-2023 01:55

    Hi,

    You are in the wrong section.

    Please navigate to Setup > Settings > Archive Settings.

    These are then used in audit policies See below example where it references the above default archive settings:

    Hope this helps!

    Regards,


    ------------------------------
    Sarvesh Lad
    Tech Lead @ On-Prem Managed Services (WAF, DAM, DRA & Sonar)
    ------------------------------

    Original Message


  • 3.  RE: Audit Archive Settings

    Posted 02-21-2023 01:59

    Hi Sarvesh Lad

    Thanks a lot for your answer, your answer helped me.

    Currenty i have another problem,

    It's impossible to make test connection

    imperva


    ------------------------------
    Evgenii Khon
    IT – Security Officer
    Demir Kyrgyz International Bank CJSC
    Bishkek
    ------------------------------

    Original Message


  • 4.  RE: Audit Archive Settings

    Posted 02-21-2023 10:17

    Hi,

    First are you running the archive action set on the gateway or the MX? This will be relevant on where to look logs. You can check here by selecting the gateway (not the gateway group) under Setup > Gateway

    Two things you need to check:

    1. Connect to the CLI and run "tail_svlog" command depending on the option you have on top (MX or GW)
    2. Check the logs for the FTP server
      1. Verify the request reached the server by checking the FTP server logs
      2. If it did, see what errors it threw, could be permission, authentication or incorrect path etc
        The screenshot shows authentication error, so check typos on username/password
      3. If its not reaching the FTP server, check with your network team to verify the MX/GW can reach the FTP server at the relevant ports.


    ------------------------------
    Sarvesh Lad
    Tech Lead @ On-Prem Managed Services (WAF, DAM, DRA & Sonar)
    ------------------------------

    Original Message


  • 5.  RE: Audit Archive Settings

    Posted 02-21-2023 10:17

    After filling in all fields you have to click SAVE before the test or check the settings on FTP server.



    ------------------------------
    Karol Gruszczynski
    IT Security Expert
    Trafford IT Sp. z o.o.
    Warsaw
    ------------------------------

    Original Message


  • 6.  RE: Audit Archive Settings

    Posted 03-02-2023 22:32
    Edited by Evgenii Khon 03-15-2023 01:13

    Dear All good Day

    thank you for your feedback

    we managed to make a test connection with nas.



    ------------------------------
    Evgenii Khon
    IT – Security Officer
    Demir Kyrgyz International Bank CJSC
    Bishkek
    ------------------------------

    Original Message