Skip to main content
Sumo Logic

Install the Imperva - Incapsula Web Application Firewall App and view the Dashboards

Install the Sumo Logic App

Now that you have set up collection for Imperva Incapsula - Web Application Firewall, install the Sumo Logic App to use the pre-configured searches and dashboards that provide visibility into your environment for real-time analysis of overall usage.

To install the app:

Locate and install the app you need from the App Catalog. If you want to see a preview of the dashboards included with the app before installing, click Preview Dashboards.

  1. From the App Catalog, search for and select the app. 
  2. To install the app, click Add to Library and complete the following fields.
    1. App Name. You can retain the existing name, or enter a name of your choice for the app.

    2. Data Source. Select either of these options for the data source.

      • Choose Source Category, and select a source category from the list.

      • Choose Enter a Custom Data Filter, and enter a custom source category beginning with an underscore. Example: (_sourceCategory=MyCategory).

    3. Advanced. Select the Location in Library (the default is the Personal folder in the library), or click New Folder to add a new folder.
    4. Click Add to Library.

Once an app is installed, it will appear in your Personal folder, or other folder that you specified. From here, you can share it with your organization. See Welcome to the New Library for information on working with the library in the new UI.

Panels will start to fill automatically. It's important to note that each panel slowly fills with data matching the time range query and received since the panel was created. Results won't immediately be available, but with a bit of time, you'll see full graphs and maps. 

Dashboards

Imperva - Incapsula WAF - Overview

See the overview of your WAF service including the source IP address, client app, user agent, country, ADR rules, and policy type.

Overview.png
Client App Top Values. See the top 10 client apps by count in the last 14 days on a bar chart.

Source IP Top Values. See the top 10 source IP addresses by count in the last 14 days on a column chart.

Browser Type Top Values. See the top 10 browser types by count in the last 14 days on a pie chart.

Country Top Values. See the top 10 countries by count in the last 14 days on a column chart.

User Agent Top Values. See the top 10 user agents by count in the last 14 days displayed in a table.

URL Top Values. See the top 10 URLs by count in the last 14 days displayed in a table.

Policy Type. See the count and percentage of policy types in the last 14 days on a pie chart.

Top Applied ADR Rules. See the top 10 applied ADR rules by count in the last 14 days displayed in a table.

Imperva - Incapsula WAF - Blocked Countries

See the details of blocked countries in your WAF service including the source IP address, browser type, top countries, and user agent.

Blocked Countries.png

Blocked Countries Top Values. See the top 10 blocked countries by count in the last 14 days on a pie chart.

Source IP Top Values. See the top 10 source IP addresses by count in the last 14 days on a column chart.

Browser Type Top Values. See the top 10 browser types by count in the last 14 days on a pie chart.

User Agent Top Values. See the top 10 user agents by count in the last 14 days displayed in a table.

Threat Table based on Client IP. See the details of threats in the last 24 hours based on client IP address including the main client IP address, malicious confidence, actor, source, label name, browser type, attack type, rule name, country code, server IP, server port , client app, method, post body, URL, user agent, and count, displayed in a table.

Imperva - Incapsula WAF BOT - Access Control

See the details of BOT access control in your WAF service including the city, country, browser type, source IP address, and user agent.

BOTaccessControl.png

City Top Values. See the top 10 cities by count in the last 14 days on a column chart.

Country Top Values. See the top 10 countries by count in the last 14 days on a column chart.

Browser Type Top Values. See the top 10 browser types by count in the last 14 days on a column chart.

Geo Lookup. See the count and location of BOT access controls in the last 14 days on a world map.

User Agents Top Values. See the top 10 user agents by count in the last 14 days on a bar chart.

Source IP Top Values. See the top 10 source IP addresses by count in the last 14 days on a bar chart.