Cisco Cisco Web Security Appliance S160 User Guide
1-14
Cisco Advanced Web Security Reporting Installation, Setup, and User Guide
Chapter 1 Installation and Setup
Configure CWS Log Updates
Note
Accessing online Help from the Add Log Subscription page brings up detailed information about
all settings.
all settings.
Configure CWS Log Updates
Before You Begin
•
Log into the Advanced Web Security Reporting application as
admin
.
Step 1
In the Advanced Web Security Reporting application:
•
Choose Settings > Data inputs > Cisco CWS Logs.
Step 2
Click New.
Step 3
Provide a meaningful name for this data input.
Step 4
Provide the client_id, s3_key and s3_secret that have been provided from CWS. The client_id is the
bucket ID used in CWS.
bucket ID used in CWS.
Step 5
Click More settings check box and provide the time Interval in seconds at which CWS logs can be
pulled; default is 3600.
pulled; default is 3600.
Log Style
Access
Squid
Traffic Monitor
N/A
AMP Engine
N/A
Log Level
Access
N/A
Traffic Monitor
N/A
AMP Engine
Select Debug.
Note
It is important to change Log Level to
Debug for AMP reporting, or little to no
information will be reported.
Debug for AMP reporting, or little to no
information will be reported.
(Optional) Custom Fields
Access only
%XK (Adds a web reputation threat reason.)
Retrieval Method
Select FTP on Remote
Server
Server
Any one
Hostname: IP address or host name of the
Enterprise host.
Enterprise host.
Directory: name of Advanced Web Security
Reporting instance directory.
Reporting instance directory.
Username/Password: FTP user name and
password for access to the application.
password for access to the application.
Note
If connection between Advanced Web
Security Reporting and WSA is lost, logs
for that period are not available until
connection is restored.
Security Reporting and WSA is lost, logs
for that period are not available until
connection is restored.
Setting
Log Type
Value