Cisco Cisco Web Security Appliance S170 설치 가이드
1-13
Cisco Advanced Web Security Reporting 5.0 Installation, Setup, and User Guide
Chapter 1 Installation and Setup
Set Up On-going Data Transfers
Step 11
Navigate to Settings > Data Inputs > TCP to confirm the new input entry.
Note
With a multiple-appliance configuration, you must repeat these steps from the Advanced Web Security
Reporting application for each appliance. However, you also can configure multiple appliances by
editing the
Reporting application for each appliance. However, you also can configure multiple appliances by
editing the
inputs.conf
file.
Establish Log Transfers from A Web Security Appliance
Before You Begin
•
Know the path to your log files:
.
•
Determine the frequency of transfers, no more than 60-minute increments.
•
Open the web interface for the Web Security Appliance.
Step 1
In the Web interface for the Web Security Appliance, navigate to System Administration >
Log Subscriptions.
Log Subscriptions.
Step 2
Click Add Log Subscription, or click the name of an existing subscription to edit it.
Step 3
Configure the subscription (this example refers specifically to access, AMP engine and traffic-monitor
logs):
logs):
Setting
Log Type
Value
Log Type
Access
accesslogs
Traffic Monitor
trafmonlogs
AMP Engine
amp_logs
Log Name
Any one
Name for the log directory.
(Depending on your
AsyncOS release)
AsyncOS release)
Rollover by File Size
Maximum File Size
Any one
Recommend no more than 500 MB.
(Availability of this option
varies by AsyncOS release)
varies by AsyncOS release)
Rollover by Time
Any one
Recommend custom rollover interval of one hour
(1h) or more frequent rollovers. For AMP logs,
recommend one minute (1m).
(1h) or more frequent rollovers. For AMP logs,
recommend one minute (1m).
Log Style
Access
Squid
Traffic Monitor
N/A
AMP Engine
N/A