Cisco Cisco Web Security Appliance S670 기술 매뉴얼
In the Retrieval Method field, choose SCP on Remote Server.
4.
Enter the SCP host name or the IP address of the SCP server.
5.
Enter the SCP port number.
Note: The default setting is port 22.
6.
Enter the full path name of the SCP server target directory to which the the logs will be transfered.
7.
Enter the username for the SCP server authenticated user.
8.
If you want to automatically scan the host key or manually enter the host key, then enable Host Key
Checking.
Checking.
9.
Click Submit. The SSH key that you will place into the SCP server authorized_keys file should now
appear near the top of the Edit Log Subscription page. Here is an example of a successfulmessage
from the WSA:
appear near the top of the Edit Log Subscription page. Here is an example of a successfulmessage
from the WSA:
10.
Click Commit Changes.
11.
If the SCP sever is a Linux or Unix server or a Macintosh machine, then paste the SSH keys from the
WSA into the authorized_keys file located in the SSH directory:
WSA into the authorized_keys file located in the SSH directory:
Navigate to the Users > <username> > .ssh directory.
A.
Paste the WSA SSH key into the authorized_keys file and save the changes.
B.
Note: You must manually create an authorized_keys file if one does not exist in the SSH directory.
12.
Verify
Complete these steps in order to verify that the logs are successfully transferred to the SCP server:
Navigate to the WSA Log Subscriptions page.
1.
In the Rollover column, choose the log that you configured for SCP retrieval.
2.
Locate and click Rollover Now.
3.
Navigate to the SCP server folder that you configured for log retrieval and verify that the logs are
transferred to that location.
transferred to that location.
4.
Complete these steps in order to monitor the log transfer to the SCP server from the WSA:
Log into the WSA CLI via SSH.
1.