Modify SIEM settingsCopy Pageput https://{hostname}/appsec/v1/configs/{configId}/versions/{versionNumber}/siemAll products Update SIEM settings for a specific configuration.Path ParamsconfigIdint64requiredA unique identifier for each configuration.versionNumberintegerrequiredA unique identifier for each version of a configuration.Query ParamsaccountSwitchKeystringFor customers who manage more than one account, this runs the operation from another account. The Identity and Access Management API provides a list of available account switch keys.Body ParamsContains Security Information Event Management (SIEM) integration settings.enableForAllPoliciesbooleanWhether you enabled SIEM for all the security policies in the configuration version.truefalseenableSiembooleanrequiredWhether you enabled SIEM in a security configuration version.truefalseenabledBotmanSiemEventsbooleandeprecatedDeprecated Whether you enabled SIEM for the Bot Manager events. Use exceptions parameter instead to set botman siem events exception.truefalseexceptionsarray of objectsDescribes all attack type exceptions that will be ignored in SIEM events.exceptionsADD objectfirewallPolicyIdsarray of stringsThe list of security policy identifiers for which to enable the SIEM integration.firewallPolicyIdsADD stringincludeJA4FingerprintToSiembooleanWhether you enabled JA4 header forwarding for SIEM.truetruefalsesiemDefinitionIdintegerUniquely identifies the SIEM settings.HeadersacceptstringenumDefaults to application/jsonGenerated from available response content typesapplication/jsonapplication/problem+jsonAllowed:application/jsonapplication/problem+jsonResponses 200Successfully retrieved SIEM settings. 400Bad request. Invalid request body or URL parameter input. 403Forbidden. You don't have access to the resource. 404Not found. That resource doesn't exist, or the URL is malformed.Updated about 1 month ago