Akamai API Security · Schema

siem-settings

Contains Security Information Event Management (SIEM) integration settings.

API DiscoveryAPI SecurityCloud SecurityPosture ManagementRuntime ProtectionThreat Protection

Properties

Name Type Description
enableForAllPolicies boolean Whether you enabled SIEM for all the security policies in the configuration version.
enableSiem boolean Whether you enabled SIEM in a security configuration version.
enabledBotmanSiemEvents boolean __Deprecated__ Whether you enabled SIEM for the Bot Manager events. Use `exceptions` parameter instead to set botman siem events exception.
exceptions array Describes all attack type exceptions that will be ignored in siem events.
firewallPolicyIds array The list of security policy identifiers for which to enable the SIEM integration.
siemDefinitionId integer Uniquely identifies the SIEM settings.
View JSON Schema on GitHub

JSON Schema

api-security-siem-settings-schema.json Raw ↑ 
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://raw.githubusercontent.com/api-evangelist/akamai-api-security/refs/heads/main/json-schema/api-security-siem-settings-schema.json",
  "title": "siem-settings",
  "description": "Contains Security Information Event Management (SIEM) integration settings.",
  "type": "object",
  "properties": {
    "enableForAllPolicies": {
      "description": "Whether you enabled SIEM for all the security policies in the configuration version.",
      "type": "boolean"
    },
    "enableSiem": {
      "description": "Whether you enabled SIEM in a security configuration version.",
      "type": "boolean"
    },
    "enabledBotmanSiemEvents": {
      "description": "__Deprecated__ Whether you enabled SIEM for the Bot Manager events. Use `exceptions` parameter instead to set botman siem events exception. ",
      "type": "boolean",
      "x-akamai": {
        "status": "DEPRECATED"
      }
    },
    "exceptions": {
      "description": "Describes all attack type exceptions that will be ignored in siem events.",
      "items": {
        "additionalProperties": false,
        "properties": {
          "actionTypes": {
            "description": "Describes actions to be excluded for a particular attack type. A `*` value means all actions.",
            "items": {
              "enum": [
                "*",
                "alert",
                "deny",
                "all_custom",
                "abort",
                "allow",
                "delay",
                "ignore",
                "monitor",
                "slow",
                "tarpit"
              ],
              "type": "string"
            },
            "type": "array"
          },
          "protection": {
            "description": "Attack type to be added as an exception.",
            "enum": [
              "ipgeo",
              "rate",
              "urlProtection",
              "slowpost",
              "customrules",
              "waf",
              "apirequestconstraints",
              "clientrep",
              "malwareprotection",
              "botmanagement",
              "aprProtection"
            ],
            "type": "string"
          }
        },
        "type": "object"
      },
      "type": "array"
    },
    "firewallPolicyIds": {
      "description": "The list of security policy identifiers for which to enable the SIEM integration.",
      "items": {
        "type": "string"
      },
      "type": "array"
    },
    "siemDefinitionId": {
      "description": "Uniquely identifies the SIEM settings.",
      "type": "integer"
    }
  },
  "required": [
    "enableSiem"
  ],
  "additionalProperties": false
}