Versions Compared

Old Version 6

changes.mady.by.user Borja Moro Moreno

Saved on

compared with

New Version Current

changes.mady.by.user Borja Moro Moreno

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
maxLevel2
typeflat

...

Valid tags and data tables

The full tag must have 3 levels. The first two are fixed aswaf.signalsciences and the third identifies the type of events sent.

These are the valid tags and corresponding data tables that will receive the parsers' data:

...

waf.signalsciences.request

Field

Type

Source field name

Extra fields

eventdate

timestamp

 

hostname

str

 

id

str 

serverHostname

str

 

remoteIP

ip4

 

remoteHostname

str

 

remoteCountryCode

str

 

userAgent

str

 

timestamp

timestamp 

method

str 

serverName

str

 

protocol

str 

tlsProtocol

str 

tlsCipher

str 

path

str

 

uri

str

 

scheme

str 

headersIn

str 

agentResponseCode

int4 

responseCode

int4

 

responseSize

int4

 

responseMillis

int4

 

headersOut

str

 

summation__attrs

str 

summation__attrs__AllPreSignalsInformational

str 

summation__attrs__NetEffect

ip4

 

summation__attrs__country

str

 

summation__attrs__list

str

 

summation__attacks

str

 

tags

str

 

hostchain

str 

tag

str

 

rawMessage

str 

How is the data sent to Devo?

Logs generated by Signal Sciences Web Application Firewall are forwarded to Devo using a proprietary Apache nifi collector. Contact us if you need to forward these events to your Devo domain so we can guide you through the process.