SIEM integration

For a seamless integration of SIEM solutions with Airlock WAF, support for JSON and CEF (Common Event Format) data formats for log forwarding was added. Airlock’s CEF integration in HP ArcSight has been officially certified. Furthermore, the Airlock App for Splunk has been revised based on the new log format and will soon be published in version 2.0.

The Airlock App for Splunk® makes aggregated management reports available on security issues and application usage. Network administrators can use various dashboards to investigate security-critical events so application and performance problems are rapidly resolved.

Dashboards

All eight dashboards allow statistic grouping by virtual host, mappings, countries, etc.​ The dashboards include an overview and details reports for session statistics, traffic, attacks, rejected requests, performance, request analyzer and connectivity issues.

Highlights

  • Ready-made product
  • Specific dashboards for Airlock use cases
  • Ongoing product enhancements
  • Aggregated management reports
  • Splunk field definitions for Airlock log reports
  • Individual search queries are possible
  • Maintenance by Ergon