How to encrypt access logs before uploading them to an external server

<< Back to Knowledge Search



ProxySG appliances have a built-in mechanism to encrypt access logs before they are uploaded to an external server for log processing. Once encrypted, the logs are sent to the configured server. The logs must be decrypted prior to viewing or processing with Blue Coat Reporter or other tools.


Please note: The following steps only apply to periodic uploads. If you have a direct connection to Blue Coat Reporter or are using a continual stream for your logs, the steps below will not work.

1. Generate a private and public key pair which will be saved and imported in your server of choice. The private key will be saved on the server only - it is not needed for the ProxySG steps below.
2. On your ProxySG Management Console, browse to the Configuration tab > SSL > External Certificates
3. Click on the Import button, and paste the public key (certificate) in the box. Click OK and Apply

4. Browse to Access Logging > Logs > Upload Client tab. In the Transmission Parameters section, select the certificate you imported in Step 3 here. Click Apply. 


NOTE1: The Bluecoat Reporter application has no capacity to de-crypt the acess logs, at this time.  You will need another application to de-crypt them before presenting them to the Bluecoat Reporter application for processing.  For details on how to setup acess logs so that Reporter can process them, see 000008692

NOTE2: For details on how to send the access logs over a secure connection, however, see 000011046

Additional Information
Bug Number
InQuira Doc IdKB4734

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      SGOS 4, SGOS 5, SGOS 6
Topic      Access Logging, Installation / Configuration, Log Processing, Reporting
Article Number      000011134
Was this helpful?
Previous MonthNext Month