| Table of Contents | ||||
|---|---|---|---|---|
|
Introduction
The tags beginning with waf.signalsciences identify events generated by Signal Sciences Web Application Firewall belonging to Signal Sciences.
Valid tags and data tables
The full tag must have 3 levels. The first two are fixed aswaf.signalsciences. The and the third level identifies the type of events sent.
...
Technology
...
Brand
...
Type
...
Subtype
...
waf
...
signalsciences
...
These are the valid tags and corresponding data tables that will receive the parsers' data:
Product / Service |
|---|
Tags | Data |
|---|
tables | ||
|---|---|---|
Signal Sciences Web Application Firewall |
|
|
Table structure
These are the fields displayed in this table:
waf.signalsciences.request
Field | Type | Extra fields |
|---|---|---|
eventdate |
| |
hostname |
| |
id |
| |
serverHostname |
| |
remoteIP |
| |
remoteHostname |
| |
remoteCountryCode |
| |
userAgent |
| |
timestamp |
| |
method |
| |
serverName |
| |
protocol |
| |
tlsProtocol |
| |
tlsCipher |
| |
path |
| |
uri |
| |
scheme |
| |
headersIn |
| |
agentResponseCode |
| |
responseCode |
| |
responseSize |
| |
responseMillis |
| |
headersOut |
| |
summation__attrs |
| |
summation__attrs__AllPreSignalsInformational |
| |
summation__attrs__NetEffect |
| |
summation__attrs__country |
| |
summation__attrs__list |
| |
summation__attacks |
| |
tags |
| |
hostchain |
| ✓ |
tag |
| ✓ |
rawMessage |
| ✓ |
How is the data sent to Devo?
Logs generated by Signal Sciences Web Application Firewall are forwarded to Devo using a proprietary Apache nifi collector. Contact us if you need to forward these events to your Devo domain so we can guide you through the process.