Letting us capture body for X requests and then setting a filter is desperately needed. We cannot perform proper analysis of anything without the body half the time
It's a good idea, but that option should have enable/disable feature or send only to local SIEM. For example - when I want to use CE solution, I don't want to send so significant logs to XC cloud
Currently in XC Cloud, during a security event, the payload that triggered the event is often missing or not fully visible in the event logs. This lack of visibility makes it challenging to understand why exactly the event was triggered. Consequently, when application teams request logs or evidence to validate the event or perform RCA, there's no native option to extract or share those logs or take a snapshot of the payload for analysis.
Guest
Letting us capture body for X requests and then setting a filter is desperately needed. We cannot perform proper analysis of anything without the body half the time
It's a good idea, but that option should have enable/disable feature or send only to local SIEM.
For example - when I want to use CE solution, I don't want to send so significant logs to XC cloud
Currently in XC Cloud, during a security event, the payload that triggered the event is often missing or not fully visible in the event logs. This lack of visibility makes it challenging to understand why exactly the event was triggered. Consequently, when application teams request logs or evidence to validate the event or perform RCA, there's no native option to extract or share those logs or take a snapshot of the payload for analysis.