Cisco Cisco Web Security Appliance S390 Installationsanleitung

Clean the indexes folders of the new version:

cd /opt/cisco_wsa_reporting/var/lib/splunk

rm -rf *

Copy indexes from old version to new version:

cd /opt/cisco_wsa_reporting/var/lib/splunk

cp -r /opt/splunk/var/lib/splunk/defaultdb .

cp -r /opt/splunk/var/lib/splunk/fishbucket .

Start the new version of Advanced Web Security Reporting:

/opt/cisco_wsa_reporting/startup.sh

In a browser, open 

http://<wsa_reporting_server_host_name>:8888

 and log in with the user name 

admin

 and password 

Cisco@dmin

.

The Advanced Web Security Reporting application provides two administrative users:

The “default admin” (user name: 

admin

 and password: 

Cisco@dmin

) will have access to all 

administration functionality.

The 

admin

 user can install licenses and configure the distributed environment. Use this account to 

configure, test, and troubleshoot.

The second administrative user (name: 

wsa_admin

 and password: 

Ironp0rt

) has access to a subset 

of administration functionality. 

We recommend that you change both passwords immediately after installation (Settings > Users and 
Authentication > Access Controls > Users).

Set time zones consistently across WSA and CWS appliances. 

The time displayed in the search results reflects the ‘local’ time of the Advanced Web Security 
Reporting instance. By default, all inputs for the appliance logs are set to TZ = GMT.

Document the local 

admin

 account password (regardless of the chosen authentication method).

To stop the Advanced Web Security Reporting application:

Change directory to 

/cisco_wsa_reporting/

 and issue this command:

./shutdown.sh 

To start the Advanced Web Security Reporting application:

Change directory to 

/cisco_wsa_reporting/

 and issue this command:

/startup.sh