Archive

How to integrate the Blue Coat WSS app with Splunk?

Explorer

We are using Blue Coat (now Symantec) Web security service in our environment. We have received Blue Coat WSS app for Splunk. But there is no documentation available for same. Has anyone succeeded in successfully integrating Splunk with Blue Coat WSS?

Thanks in advance.

Shubham

0 Karma

Path Finder

Hi, Shubham.

You need to set up an "API Keys" in the WSS portal for Splunk to make the GET in the logs. In WSS go to the menu: Service> Account Maintenance> MDM, API Keys, click + add API Key and set a user / password, which must be used the same credentials to configure Add-on.

Follow the documentation link:
https://www.symantec.com/connect/articles/symantec-wss-app-splunk

Download and install the files as documentation.
Symantec Web Security Service App For Splunk
https://splunkbase.splunk.com/app/3855/

Symantec Web Security Service Addon For Splunk
https://splunkbase.splunk.com/app/3856/

Hope this helps.
James

0 Karma

Explorer

Were you able to get this working?

0 Karma

Explorer

Can anyone help on this?

0 Karma