Sometimes you may need to combine Wallarm findings with data from other services (e.g., your application logs) for in-depth analysis and investigation of attacks, incidents, and vulnerabilities. Or you may want to get a list of indicators of compromise (IOCs) from detected attacks and incidents, such as attacker IP addresses, detected malicious payloads, and so on. These IOCs are necessary to conduct in-depth security incident investigations.

For these and other similar scenarios, you can get a CSV formatted report with attack, incident, and vulnerability events. Just perform a search query for the events you need and request a report with them in the CSV format. The generated report will be sent to your email address.

See the Wallarm documentation for more details.