All Apps and Add-ons

Has anyone been successful with bringing in data from Blue Coat Packet Shapers 1700 and 7500 series

Engager

Has anyone been successful in bringing in data from Blue Coat Packet Shapers models 1700 and 7500?

The Blue Coat ProxySG app seems a bit more tailored to just their ProxySG devices, so it was not evident if the app nor how it is set to bring in data could be re-used for the Packet Shaper devices.

Thanks much!

0 Karma

Engager

The latest update I have here is that it is possible to obtain data from Blue Coat Packet Shaper appliances into Splunk (which was expected).

There are three methods this can be accomplished:
1) Syslog - Blue Coat Packet Shapers can have customer events be logged through the syslog facility. As well, general messaging from the devices can be sent via syslog. At this point, it remains to be seen if the detailed information that is required for my use case is available through syslog.
2) SNMP - Same as syslog, custom events and general information are available via custom Blue Coat MIBS through SNMP.
3) Blue Coat Packet Shapers doe have remote telnet and ssh capabilities and a decent CLI is available on the devices. So, theoretically as remote shell could be created to log into the devices and run CLI commands, capturing the output into a file that Splunk monitors and ingests.

All of the above methods are viable, but I've yet to actually perform the activities to bring data into Splunk and explore if we can accurately and completely obtain data points on the bandwidth (and bandwidth constraints) on each Blue Coat device, and thus provide proactive management and historical trend information on the devices and across all as a whole.

I'll work to provide more information to this question/posting as I move forward so that others might receive value from it.

Engager

Did you ever get the PacketShaper data in to Splunk? Which approach did you end up using?

Regards

Chris

Tags (1)
0 Karma