I have setup the Graylog server to receive log from Imperva WAF. Imperva is communicating with the Graylog server.
However, I cannot continue to configure the Gralog server to get inputs/logs from Imperva, because the help on the Imperva blog site is outdated - https://www.imperva.com/blog/imperva-cloud-waf-and-graylog-part-ii-how-to-collect-and-ingest-siem-logs/
Legacy “collectors” are used instead of sidecars and content pack input is for Graylog3.x while the new version of Graylog installed is 4x
Please help with latest documentation or advise to configure Graylog 4.2.1 to get logs from Imperva and how to get the latest content pack.
Configure the Output and Input of the collectors or Sidecar
Configure a New Log Collector in Graylog
Configure sidecar collector
Creating Log Inputs and Extractors with Incapsula
Download the correct Incapsula SIEM package for Graylog from Github and get the latest .json file for graylog 4.x