Is it possible to change the dataset of logs received API? Just like on logpush, the data set can be changed to either http request. spectrum event, firewall event.
Our client’s MSSQL app is proxied on spectrum and is being brute force attacked. We are trying to get the client IPs to validate and block the attackers, but all the logs we are getting from logpull are all HTTP request fields