Cisco Cisco Web Security Appliance S170 설치 가이드
1-14
Cisco Advanced Web Security Reporting 5.0 Installation, Setup, and User Guide
Chapter 1 Installation and Setup
Configure CWS Log Updates
Note
Accessing online Help from the Add Log Subscription page brings up detailed information about
all settings.
all settings.
Configure CWS Log Updates
Before You Begin
•
Log into the Advanced Web Security Reporting application as
admin
.
Step 1
In the Advanced Web Security Reporting application:
•
Choose Settings > Data > Data inputs > Cisco CWS Logs.
Step 2
Click New.
Step 3
Provide a meaningful name for this data input.
Log Level
Access
N/A
Traffic Monitor
N/A
AMP Engine
Select Debug.
Note
It is important to change Log Level to
Debug for AMP reporting, or little to no
information will be reported.
Debug for AMP reporting, or little to no
information will be reported.
(Optional) Custom Fields
Access only
%XK (Adds a web reputation threat reason.)
Retrieval Method
FTP on Remote Server
Any one
Hostname: IP address or host name of the
Advanced Web Security Reporting host.
Advanced Web Security Reporting host.
Directory: name of Advanced Web Security
Reporting instance directory.
Reporting instance directory.
Username/Password: FTP user name and
password for access to application.
password for access to application.
Note
If connection between Advanced Web
Security Reporting and WSA is lost, logs
for that period are not available until
connection is restored.
Security Reporting and WSA is lost, logs
for that period are not available until
connection is restored.
Retrieval Method
Syslog Push
Either
Hostname: IP address or host name of the
Advanced Web Security Reporting host.
Advanced Web Security Reporting host.
Protocol: TCP.
Facility: choose auth.
Note
If connection between Advanced Web
Security Reporting and WSA is lost, logs
for that period are not available until
connection is restored.
Security Reporting and WSA is lost, logs
for that period are not available until
connection is restored.
Setting
Log Type
Value