We are using Blue Coat (now Symantec) Web security service in our environment. We have received Blue Coat WSS app for Splunk. But there is no documentation available for same. Has anyone succeeded in successfully integrating Splunk with Blue Coat WSS?
Thanks in advance.
You need to set up an "API Keys" in the WSS portal for Splunk to make the GET in the logs. In WSS go to the menu: Service> Account Maintenance> MDM, API Keys, click + add API Key and set a user / password, which must be used the same credentials to configure Add-on.
Follow the documentation link:
Download and install the files as documentation.
Symantec Web Security Service App For Splunk
Symantec Web Security Service Addon For Splunk
Hope this helps.