To integrate Barracuda Application Protection, do the following:
Copy the application IDs
Enable Barracuda Application Protection integration
Configure the Web Application Firewall for syslog output
To copy the application IDs
Log into WAAS (Application Protection) and copy the application ID from the URL.
For example, if the URL of the WAAS application is:https://waas.barracudanetworks.com/applications/12345/dashboard
The app id is 12345.If you have multiple application IDs, repeat for each application id you want to monitor.
To configure log export
The following steps should be followed for each application.
Log into WAAS.
Navigate to the application you want to monitor.
In the Export Logs section, click Add Export Log Server.
On the Edit Export Log Server page, do the following:
In Name, type
Barracuda XDR
.In Log Server Type, select Syslog NG.
In Log Server Communication (if present), select Send logs to the Log Server directly from the WAF Container.
In Server Address, type
barracudawaas.ingest.skoutsecure.com
.In Port, type
9256
.In Connection Type, select UDP.
In Firewall Logs, select XDR.
In Access Logs, select XDR.
In Event Logs, select Do Not Export.
Click Save.
To enable Barracuda Application Protection
In Barracuda XDR Dashboard, navigate to Administration > Integrations.
On the Barracuda Application Protection card, click Setup.
Select the Enabled check box.
Enter an application ID from the previous procedure.
If you have multiple application IDs, click Add Another and enter another application ID. Repeat until you have added all your IDs.
Click Save.