<< PREVIOUSNEXT >>

 

 

FOR VSP-WEB EVENTS

 

Configure a webhook for VSP-Web events with the below values: 

  1. Incident Filter – Selected

    1. Applied Filter - Web Attack

  2. Body

     

    {

      "severity": "${Severity}",

      "incident_type": "${Properties[Type]}",

      "host_ip": "${Host Ip}",

      "action_taken": "${Attributes[Action]}",

      "description": "${Properties[Incident Description]}",

      "session_id": "${Attributes[Session token id]}",

      "eventtime": "${Properties[eventTime]}",

      "http_host": "${Attributes[Http Host]}",

      "attacker_port": "${Attributes[Attacker Port]}",

      "hostname": "${Host Name}",

      "incident_id": "${Display Id}",

      "event_type": "${Properties[category]}",

      "incident_state": "${Incident State}",

      "attacker_ip": "${Attributes[Attacker IP]}",

      "http_request_url": "${Attributes[HTTP Request]}"

    }

     

    Picture 33

 

<< PREVIOUSNEXT >>