Splunk Enterprise Security

Which Imperva Audit Policies should be sent to Splunk?

kwagner001
New Member

When using the Imperva Database Audit Analysis app (app number 3063), which DB Audit Policies should have their data sent to Splunk? The Database Connections Policy for sure (DB logins), but should things like the DDL or Database Configurations policies be sent as well? What about custom policies? Is there a standard set of Imperva DB Audit policies that should be used with Splunk Enterprise Security?

0 Karma
.conf21 CFS Extended through 5/20!

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!