Cisco Cisco Web Security Appliance S670 User Guide
1-11
Cisco Advanced Web Security Reporting 6.0 Installation, Setup, and User Guide
Chapter 1 Installation and Setup
Set Up On-going Data Transfers
Tip
If you find that the application is not indexing files for any type of configured input because of a
checksum error, add the line
checksum error, add the line
crcSalt = <source>
to each input stanza in the
inputs.conf
file. (The
following section,
, describes
editing the
inputs.conf
file.)
What to Do Next
•
(Optional) Configure the Application to Delete Log Files After Indexing
Before You Begin
If the file
inputs.conf
does not exist in the directory
<install_home>/cisco_wsa_reporting/etc/apps/cisco_wsa_reporting/local/
, create the
input-configuration file:
<install_home>/cisco_wsa_reporting/etc/apps/cisco_wsa_reporting/local/inputs.conf
.
Step 1
Using a text editor, open
<install_home>/cisco_wsa_reporting/etc/apps/cisco_wsa_reporting/local/inputs.conf
.
Step 2
Add a segment as below:-
[batch:///home/logger/incoming/wsa176.wga/accesslogs/*]
host_segment = 4
disabled = false
sourcetype = wsa_accesslogs
move_policy = sinkhole
Where the first line is the FTP directory path where WSA logs are sent. The second line is the part of
the FTP path containing the host name. The third line enables this FTP input. The fourth line specifies
the source of this input. The final line,
the FTP path containing the host name. The third line enables this FTP input. The fourth line specifies
the source of this input. The final line,
move_policy = sinkhole
, enables deletion of the original data
once it is indexed.
Step 3
Save the
inputs.conf
file and then restart the Advanced Web Security Reporting application by
navigating to Settings > System > Server controls and clicking Restart.
Set Up On-going Data Transfers
Before You Begin
•
•
Know the path to your log files:
.
•
Log into the Advanced Web Security Reporting application as
admin
.