Overview

iboss is a cloud security company that provides a secure access service edge (SASE) solution.

Integrating your iboss logs into the Hunters ecosystem lets you store the data in a parsed format, investigate threat scenarios over it, and get related Hunters detections for your tenant.

Supported Data Types

  • iboss Web Activity logs - Detailed internet activity logged by iboss (see more details here.)

Hunters Integration

To integrate your iboss logs into Hunters, the logs need to be collected from your network into a storage service (e.g. an S3 bucket or Azure Blob Storage) that is shared with Hunters.

The expected format of the logs is CSV, as exported by iboss. Logging the full schema is recommended; however, any subset of the fields can be ingested, provided you give Hunters your specific schema.

iboss Column names

'date','time','c-ip','r-ip','cs-username','s-computername','cs-computername','sc-action','s-action','cs-method','cs-uri','sc-status','csReferer','x-csReferer-uri-host','cs-categories','csUser-Agent','cs-uri-scheme','cs-host','cs-uri-port','r-port','cs-uri-path','cs-uri-query','rscontent-Type','cs-auth-group','x-exception-id','time-taken','cs-bytes','sc-bytes','bytes','cs-uri-extension','description','byte-count','mac-address','direction','mde','sha256sum','file-name','dlp-rule-name','dlp-base-encode-64','c-public-ip','c-private-ip','audit','local-proxy-port','policy-layers','policy-trace'
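
A pre-upload check for a subset schema, added here as an example (it is not Hunters or iboss code): it confirms every column name in the schema appears in the list above and flags rows whose field count does not match, since a shifted row would land values in the wrong columns. It assumes headerless CSV rows whose order is given by the schema; the function names and sample rows are constructed for illustration.

```python
import csv
import io

# Full iboss column list, copied from this page.
IBOSS_COLUMNS = (
    "date time c-ip r-ip cs-username s-computername cs-computername sc-action "
    "s-action cs-method cs-uri sc-status csReferer x-csReferer-uri-host "
    "cs-categories csUser-Agent cs-uri-scheme cs-host cs-uri-port r-port "
    "cs-uri-path cs-uri-query rscontent-Type cs-auth-group x-exception-id "
    "time-taken cs-bytes sc-bytes bytes cs-uri-extension description byte-count "
    "mac-address direction mde sha256sum file-name dlp-rule-name "
    "dlp-base-encode-64 c-public-ip c-private-ip audit local-proxy-port "
    "policy-layers policy-trace"
).split()


def check_schema(schema):
    """Return problems with a subset schema: unknown or duplicated column names."""
    problems = [f"unknown column: {c}" for c in schema if c not in IBOSS_COLUMNS]
    problems += [f"duplicate column: {c}" for c in sorted(set(schema)) if schema.count(c) > 1]
    return problems


def check_export(text, schema):
    """Parse headerless CSV text (assumption) against schema.

    Returns (records, bad_line_numbers); a row is bad when its field count
    differs from the schema, which would misalign every column after the gap.
    """
    records, bad = [], []
    for lineno, row in enumerate(csv.reader(io.StringIO(text)), start=1):
        if not row:
            continue  # skip blank lines
        if len(row) != len(schema):
            bad.append(lineno)
            continue
        records.append(dict(zip(schema, row)))
    return records, bad


# Constructed sample: a five-column subset schema and three rows (the last is short).
SAMPLE_SCHEMA = ["date", "time", "c-ip", "cs-uri", "sc-status"]
SAMPLE_CSV = (
    '2024-01-15,10:02:11,10.0.0.5,"https://example.com/a?x=1,2",200\n'
    "2024-01-15,10:02:12,10.0.0.6,https://example.org/,403\n"
    "2024-01-15,10:02:13,10.0.0.7,https://example.net/\n"
)

if __name__ == "__main__":
    print(check_schema(SAMPLE_SCHEMA))
    print(check_export(SAMPLE_CSV, SAMPLE_SCHEMA))
```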