Akamai

Self Service Ingestion

Connect this data source on your own, using the Hunters platform.

TL;DR

Supported data types

3rd party detection

Hunters detection

IOC search

Search

Table name

Log format

Collection method

Akamai Security Events

✅

✅

akamai_security_events

JSON

API


Overview

Akamai’s Content Delivery Network (CDN) is a leading solution designed to accelerate and secure digital content delivery across the globe. By leveraging a distributed network of servers, Akamai optimizes website and application performance, reduces latency, and ensures high availability even during traffic spikes. Additionally, it provides integrated security features like DDoS protection and Web Application Firewall (WAF), enabling businesses to deliver fast, reliable, and secure digital experiences to users worldwide.

Supported data types

Akamai Security Events

Table name: akamai_security_events

Akamai Security Events refer to the actionable insights and alerts generated by Akamai’s cloud-based security solutions, such as the Web Application Firewall (WAF), Bot Manager, and DDoS protection services. These events capture suspicious or malicious activities targeting web applications, APIs, and network infrastructure, including SQL injections, cross-site scripting (XSS), bot attacks, credential stuffing, and distributed denial-of-service attempts. Security teams can monitor, analyze, and respond to these events via Akamai’s Security Center or integrate them with SIEM tools for centralized threat management, helping organizations maintain a strong security posture and quickly mitigate evolving cyber threats.

Learn more here.

Send data to Hunters

Hunters supports the ingestion of Akamai logs using an API connection.

To connect Akamai logs:

  1. Follow this guide until step 3 to set up Akamai SIEM integration. As part of this process, complete the steps in this guide to download an .edgerc file that contains the following information:

    1. Client secret

    2. Host

    3. Access token

    4. Client token

  2. Copy and paste these values into the Hunters platform, following these guidelines.

Expected format

Logs are expected in JSON format.

Akamai Security Events

{
  "attackData": {
    "clientIP": "192.0.2.45",
    "configId": "12345",
    "policyId": "abc1_987654",
    "ruleActions": "YWxlcnQ%3d%3b",
    "ruleData": "OCBtZXNzYWdlIHRlc3Qgc2Vjb25k%3d%3b",
    "ruleMessages": "SVAgMTkyLjAuMi40NSByZWNlbnRseSBoYXZpbmcgZXhjZXB0aW9uIGNhdGVnb3J5IGJ1Y2tldCgzLFBPU1QgUGFnZSBSZXF1ZXN0cyk%3b",
    "ruleSelectors": "%3b",
    "ruleTags": "SVBCTE9DSy9BUFAvQlVSU1Q%3d%3b",
    "ruleVersions": "%3b",
    "rules": "SVBCTE9DSy1CVVJTVF9URVNUIA%3b"
  },
  "format": "json",
  "geo": {
    "asn": "64512",
    "city": "Faketown",
    "continent": "EU",
    "country": "NL",
    "regionCode": "NH"
  },
  "httpMessage": {
    "bytes": "0",
    "host": "store.example.com",
    "method": "POST",
    "path": "/nl-nl/api/consent",
    "port": "443",
    "protocol": "h2",
    "requestHeaders": "Host%3a%20store.example.com%0d%0aContent-Length%3a%201234%0d%0aSec-CH-UA-Platform%3a%20%22Windows%22%0d%0ax-csrf-token%3a%20abcd1234-5678-90ab-cdef-1234567890ab%0d%0ax-custom-auth%3a%20eyJ1c2VyIjoiYW5vbnltb3VzIn0%3b%20opened_login%3dtrue%3b%20dtCookie%3dv_4_srv_1_sn_FAKECOOKIE12345_0%0d%0a",
    "requestId": "abcdef12",
    "responseHeaders": "X-OneAgent-JS-Injection%3a%20true%0d%0aStrict-Transport-Security%3a%20max-age%3d31536000%3b%20includeSubDomains%0d%0aX-Content-Type-Options%3a%20nosniff%0d%0aLocation%3a%20%2fnl-nl%2f%0d%0aTiming-Allow-Origin%3a%20*%0d%0aServer-Timing%3a%20dtSInfo%3bdesc%3d%220%22,%20dtRpid%3bdesc%3d%221234567890%22,%20dtTao%3bdesc%3d%221%22%0d%0aContent-Length%3a%200%0d%0aExpires%3a%20Wed,%2007%20May%202025%2015%3a04%3a19%20GMT%3b%20Path%3d%2f%3b%20Secure%3b%20HttpOnly%0d%0aAlt-Svc%3a%20h3%3d%22%3a443%22%3b%20ma%3d93600%0d%0a",
    "start": "1746630259",
    "status": "302",
    "tls": "tls1.3"
  },
  "type": "akamai_siem",
  "version": "1.0"
}
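
Decoding the sample for triage: in the event above, the attackData rule fields are URL-encoded strings holding semicolon-separated Base64 values, and requestHeaders is a URL-encoded, CRLF-separated header block. The following is an added example, not code from Hunters or Akamai; the function names are hypothetical and the embedded event is an excerpt of the sample above with requestHeaders shortened.

```python
import base64
import json
from urllib.parse import unquote

# Excerpt of the sample event above (requestHeaders shortened to two headers).
SAMPLE = json.loads(r'''{
  "attackData": {
    "clientIP": "192.0.2.45",
    "ruleActions": "YWxlcnQ%3d%3b",
    "ruleData": "OCBtZXNzYWdlIHRlc3Qgc2Vjb25k%3d%3b",
    "ruleSelectors": "%3b",
    "ruleTags": "SVBCTE9DSy9BUFAvQlVSU1Q%3d%3b",
    "rules": "SVBCTE9DSy1CVVJTVF9URVNUIA%3b"
  },
  "httpMessage": {
    "requestHeaders": "Host%3a%20store.example.com%0d%0aContent-Length%3a%201234%0d%0a"
  }
}''')

RULE_FIELDS = ("rules", "ruleVersions", "ruleMessages", "ruleTags",
               "ruleData", "ruleSelectors", "ruleActions")

def decode_rule_field(value):
    """URL-decode, split on ';', then Base64-decode each non-empty token."""
    out = []
    for token in unquote(value).split(";"):
        token = token.rstrip("=")          # padding in the sample is inconsistent
        if not token:
            continue                       # "%3b" alone means "no values"
        token += "=" * (-len(token) % 4)   # restore canonical padding
        out.append(base64.b64decode(token).decode("utf-8", errors="replace"))
    return out

def decode_headers(value):
    """URL-decode a header blob and split its CRLF-separated 'Name: value' lines."""
    headers = {}
    for line in unquote(value).split("\r\n"):
        name, sep, val = line.partition(":")
        if sep:
            headers[name.strip()] = val.strip()
    return headers

def decode_event(event):
    """Return the decoded rule fields and request headers of one event."""
    attack = event.get("attackData", {})
    decoded = {f: decode_rule_field(attack[f]) for f in RULE_FIELDS if f in attack}
    decoded["requestHeaders"] = decode_headers(
        event.get("httpMessage", {}).get("requestHeaders", ""))
    return decoded

if __name__ == "__main__":
    print(json.dumps(decode_event(SAMPLE), indent=2))
```

Decoded header values can contain session tokens and CSRF tokens, as the sample's requestHeaders shows, so treat the decoded output with the same access controls as the raw logs.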