Document toolboxDocument toolbox

dbsec.imperva

Introduction

The tags beginning with dbsec.imperva identify events generated by Imperva.

Valid tags and data tables 

The full tag must have 3 levels. The first two are fixed as dbsec.imperva. The third level identifies the type of events sent.

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

Product / Service

Tags

Data tables

Imperva SecureSphere

dbsec.imperva.securesphere.alerts

dbsec.imperva.securesphere.alerts

dbsec.imperva.securesphere.events

dbsec.imperva.securesphere.events

dbsec.imperva.securesphere.system

dbsec.imperva.securesphere.system

For more information, read more About Devo tags.

Table structure

These are the fields displayed in these tables:

dbsec.imperva.securesphere.alerts

Field

Type

Extra fields

Field

Type

Extra fields

eventdate

timestamp

 

hostname

str

 

leefVer

str

 

vendor

str

 

product

str

 

version

str

 

eventID

str

 

type

str

 

Alert_Action

str

 

Alert_Date

str

 

Policy_Name

str

 

usrName

str

 

host

str

 

violations

str

 

Server_Group

str

 

Service_Name

str

 

app

str

 

sourceapp

str

 

proto

str

 

src

str

 

dst

str

 

spt

str

 

dpt

str

 

severity

str

 

Violated_Item

str

 

Violation_Description

str

 

description

str

 

VIO_LIST

str

 

Gateway

str

 

Raw_Data

str

 

hostchain

str

 ✓

tag

str

 ✓

rawMessage

str

 

dbsec.imperva.securesphere.events

Field

Type

Extra fields

Field

Type

Extra fields

eventdate

timestamp

 

hostname

str

 

leefVer

str

 

vendor

str

 

product

str

 

version

str

 

eventID

str

 

Server_Group

str

 

Service_Name

str

 

Application_Name

str

 

Source_Type

str

 

User_Type

str

 

usrName

str

 

User_Group

str

 

Authenticated

str

 

App_User

str

 

src

str

 

Application

str

 

OS_User

str

 

Host

str

 

Service_Type

str

 

dst

str

 

Event_Type

str

 

Operation

str

 

Operation_type

str

 

Policy_Name

str

 

Object_name

str

 

Object_type

str

 

Subject

str

 

Database

str

 

Schema

str

 

Table_Group

str

 

Sensitive

str

 

Privileged

str

 

Stored_Proc

str

 

Completed_Successfully

str

 

Raw_Data

str

 

Bind_Variables

str

 

Error

str

 

Response_Size

str

 

Response_Time

str

 

Affected_Rows

str

 

devTimeFormat

str

 

devTime

str

 

Event

str

 

hostchain

str

✓

tag

str

✓ 

rawMessage

str

 

dbsec.imperva.securesphere.system

Field

Type

Extra fields

Field

Type

Extra fields

eventdate

timestamp

 

hostname

str

 

leefVer

str

 

vendor

str

 

product

str

 

version

str

 

eventID

str

 

type

str

 

date

str

 

severity

str

 

user

str

 

inner_message

str

 

hostchain

str

 ✓

tag

str

 ✓

rawMessage

str

Â