Cisco Cisco Web Security Appliance S370 Guida All'Installazione
1-10
Cisco Web Security Appliance Advanced Reporting Installation, Setup, and User Guide
Chapter 1 Installation and Setup
(Optional) Set Up Department Membership Query
•
Open the web interface for the Cisco Web Security Appliance.
Step 1
In the web interface for the Cisco Web Security Appliance,
navigate to System Administration > Log Subscriptions.
navigate to System Administration > Log Subscriptions.
Step 2
Click Add Log Subscription...
Step 3
Configure the subscription
Note
Accessing online help from the Add Log Subscription page brings up detailed information about all
settings.
settings.
(Optional) Set Up Department Membership Query
Perform the setup procedure for department membership requirements under these conditions:
•
You will use AD/LDAP groups bound to roles in Splunk.
•
You will run reports on data that is based on organizational roles.
Related Topics
•
Setting
Log Type
Value
Log directory
Access
accesslogs
Traffic Monitor
trafmonlogs
(Depending on your AsyncOS
release)
release)
Rollover by File Size
Maximum File Size
Either
Recommend no more than 500 Mb.
(Availability of this option
varies by AsyncOS release)
varies by AsyncOS release)
Rollover by Time
Either
Recommend custom rollover interval of
one hour (1h) or more frequent rollovers.
one hour (1h) or more frequent rollovers.
Log Style
Access
Squid
Traffic Monitor
N/A
(Optional) Custom Fields
Either
%XK (Adds a web reputation threat
reason.)
reason.)
Filename
Either
<user defined>
Retrieval Method
Either
FTP on <hostname_splunk_instance>