We are using Blue Coat (now Symantec) Web security service in our environment. We have received Blue Coat WSS app for Splunk. But there is no documentation available for same. Has anyone succeeded in successfully integrating Splunk with Blue Coat WSS?
Thanks in advance.
Shubham
Hi, Shubham.
You need to set up an "API Keys" in the WSS portal for Splunk to make the GET in the logs. In WSS go to the menu: Service> Account Maintenance> MDM, API Keys, click + add API Key and set a user / password, which must be used the same credentials to configure Add-on.
Follow the documentation link:
https://www.symantec.com/connect/articles/symantec-wss-app-splunk
Download and install the files as documentation.
Symantec Web Security Service App For Splunk
https://splunkbase.splunk.com/app/3855/
Symantec Web Security Service Addon For Splunk
https://splunkbase.splunk.com/app/3856/
Hope this helps.
James
Were you able to get this working?
Can anyone help on this?