Proxy Device Uploads
Upload telemetry data in log files from proxy devices such as the Cisco Secure Web Appliance (formerly Web Security Appliance or WSA) and Blue Coat ProxySG to the global threat alerts system for analysis.
Procedure
Step 1 |
Click the gear icon in the upper-right corner of the page, and select Device Accounts to open the setup wizard.
|
||
Step 2 |
When you're ready to start the setup wizard to add a device account, click Let's Get Started. |
||
Step 3 |
Choose how the telemetry data is uploaded from the device by selecting either automatic or manual upload from the dropdown. The global threat alerts system supports only one upload method at a time; they cannot be combined.
|
||
Step 4 |
If you selected the automatic upload method, choose what protocol is used to transfer the log files by selecting either SCP or HTTPS. |
||
Step 5 |
If you selected the manual upload method: |
What to do next
The Device Accounts page lists the proxy devices along with their information. The Status column shows the status of each device:
-
New—Incomplete configuration for SCP, may be missing public SSH key
-
Provisioning—Account in the process of being provisioned, not yet ready
-
Ready—Account successfully created
-
Error—Hover cursor over status to display a popup message explaining the error
From this overview page, you can add more device accounts, or click any device to remove it, enter a public SSH key, or troubleshoot.
Although it is possible to share an account between multiple devices or upload processes, we recommend you use a separate account for each device to minimize the possibility of filename conflicts and simplify troubleshooting upload problems.
When your device account is ready, click to view the Confirmed or Detected pages for insight into any suspicious activities in your network.
Note |
Data is typically available within two to three days after provisioning is complete. |