×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
brian_rowe
Engager
Member since: ‎12-17-2014
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎12-17-2014
Topics I've Started
No posts to display.
View All

Re: BlueCoat ThreatPulse -- Does anyone have exper...

by in Splunk Enterprise Security
‎12-07-2017 08:57 AM
1 Karma
‎12-07-2017 08:57 AM
1 Karma
There is a fairly straightforward way to accomplish this--download the Blue Coat Reporter app, install it on a server, and have it download the WSS/ThreatPulse logs automatically. Those logs come down in gzip format, but can be indexed easily by Splunk--the format is similar to the standard ProxySG log formats. Here's an article from Symantec on setting up the connection between Reporter and ThreatPulse: https://support.symantec.com/en_US/article.TECH241105.html ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
View All