How to encrypt access logs before uploading them to an external server

Solution

Overview

ProxySG appliances have a built-in mechanism to encrypt access logs before they are uploaded to an external server for log processing. Once encrypted, the logs are sent to the configured server. The logs must be decrypted prior to viewing or processing with Blue Coat Reporter or other tools.

Cause
Resolution

Please note: The following steps only apply to periodic uploads. If you have a direct connection to Blue Coat Reporter or are using a continual stream for your logs, the steps below will not work.

1. Generate a private and public key pair which will be saved and imported in your server of choice. The private key will be saved on the server only - it is not needed for the ProxySG steps below.
2. On your ProxySG Management Console, browse to the Configuration tab > SSL > External Certificates
3. Click on the Import button, and paste the public key (certificate) in the box. Click OK and Apply


4. Browse to Access Logging > Logs > Upload Client tab. In the Transmission Parameters section, select the certificate you imported in Step 3 here. Click Apply. 

 

NOTE1: The Bluecoat Reporter application has no capacity to de-crypt the acess logs, at this time.  You will need another application to de-crypt them before presenting them to the Bluecoat Reporter application for processing.  For details on how to setup acess logs so that Reporter can process them, see 000008692

NOTE2: For details on how to send the access logs over a secure connection, however, see 000011046

Workaround
Additional Information
Bug Number
InQuira Doc IdKB4734
Attachment

Article Feedback

Did this Article solve your issue?
Additional Comments:
 
Previous MonthNext Month
SunMonTueWedThuFriSat