Connect this data source on your own, using the Hunters platform.
TL;DR
Supported data types | 3rd party detection | Hunters detection | IOC search | Search | Table name | Log format | Collection method |
---|---|---|---|---|---|---|---|
iboss Web Activity logs | ✅ | iboss_web_activity | CSV | S3 |
Overview
iboss is a cloud-based cybersecurity platform that provides advanced network security to protect organizations from cyber threats. It offers features such as secure web gateways, malware defense, data loss prevention (DLP), and zero-trust network access (ZTNA). By leveraging a distributed cloud architecture, iboss ensures secure internet access from any device or location, without relying on traditional VPNs. Its scalable, user-centric approach allows businesses to protect sensitive data, enforce compliance, and safeguard against evolving threats in a modern, hybrid work environment.
Supported data types
iboss Web Activity logs
Table name: iboss_web_activity
iboss Web Activity logs record internet access and activities within an organization, capturing data like websites visited, bandwidth used, and time spent online. These logs are instrumental for security monitoring, compliance, and managing web usage policies, providing insights into user behavior and potential threats.
Send data to Hunters
Hunters supports the ingestion of iboss logs via an intermediary AWS S3 bucket.
To connect iboss logs:
Export your logs from iboss to an AWS S3 bucket.
Once the export is completed and the logs are collected to S3, follow the steps in this section.
Expected format
The logs are expected in the CSV format exported by iboss. Logging the full schema is recommended; however, any subset of the fields can be ingested, provided you give Hunters your specific schema.
iboss column names
'date','time','c-ip','r-ip','cs-username','s-computername','cs-computername','sc-action','s-action','cs-method','cs-uri','sc-status','csReferer','x-csReferer-uri-host','cs-categories','csUser-Agent','cs-uri-scheme','cs-host','cs-uri-port','r-port','cs-uri-path','cs-uri-query','rscontent-Type','cs-auth-group','x-exception-id','time-taken','cs-bytes','sc-bytes','bytes','cs-uri-extension','description','byte-count','mac-address','direction','mde','sha256sum','file-name','dlp-rule-name','dlp-base-encode-64','c-public-ip','c-private-ip','audit','local-proxy-port','policy-layers','policy-trace'
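When only a subset of the fields is exported, a pre-upload check can confirm that the schema handed to Hunters uses the documented column names and that every row has exactly that many fields, so values do not land in the wrong columns. The script below is an added example, not Hunters or iboss code; it assumes a headerless, comma-separated export with standard CSV quoting, and the subset schema and sample rows are constructed.

```python
import csv
import io

# Column names copied from the "iboss column names" list on this page.
IBOSS_COLUMNS = (
    "date,time,c-ip,r-ip,cs-username,s-computername,cs-computername,sc-action,"
    "s-action,cs-method,cs-uri,sc-status,csReferer,x-csReferer-uri-host,"
    "cs-categories,csUser-Agent,cs-uri-scheme,cs-host,cs-uri-port,r-port,"
    "cs-uri-path,cs-uri-query,rscontent-Type,cs-auth-group,x-exception-id,"
    "time-taken,cs-bytes,sc-bytes,bytes,cs-uri-extension,description,byte-count,"
    "mac-address,direction,mde,sha256sum,file-name,dlp-rule-name,"
    "dlp-base-encode-64,c-public-ip,c-private-ip,audit,local-proxy-port,"
    "policy-layers,policy-trace"
).split(",")

# Constructed subset schema and sample rows (assumption: export has no header row).
SAMPLE_SCHEMA = ["date", "time", "c-ip", "cs-username", "sc-action",
                 "cs-method", "cs-uri", "sc-status", "cs-categories"]
SAMPLE_LOG = "\n".join([
    '2024-05-01,10:15:02,192.0.2.10,alice,Allowed,GET,https://example.com/,200,Business',
    '2024-05-01,10:15:07,192.0.2.11,bob,Blocked,GET,https://example.org/feed,403,"News,Technology"',
    '2024-05-01,10:15:09,192.0.2.12,carol,Allowed',  # truncated row
])

def check_schema(schema):
    """Return (unknown, duplicated) column names found in a subset schema."""
    unknown = [c for c in schema if c not in IBOSS_COLUMNS]
    duplicated = sorted({c for c in schema if schema.count(c) > 1})
    return unknown, duplicated

def parse_rows(text, schema):
    """Map each CSV row onto the schema; collect line numbers that do not fit."""
    records, bad_lines = [], []
    reader = csv.reader(io.StringIO(text))
    for row in reader:
        if not row:
            continue  # skip blank lines
        if len(row) != len(schema):
            bad_lines.append(reader.line_num)  # fields would shift columns
            continue
        records.append(dict(zip(schema, row)))
    return records, bad_lines

if __name__ == "__main__":
    print("unknown / duplicated columns:", check_schema(SAMPLE_SCHEMA))
    records, bad_lines = parse_rows(SAMPLE_LOG, SAMPLE_SCHEMA)
    print(len(records), "rows parsed; rejected lines:", bad_lines)
```

The quoted `cs-categories` value in the second sample row contains a comma, which is why the rows are read with a CSV parser rather than split on commas.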