ProxySG appliances have a built-in mechanism to encrypt access logs before they are uploaded to an external server for log processing. Once encrypted, the logs are sent to the configured server. The logs must be decrypted prior to viewing or processing with Blue Coat Reporter or other tools.
Please note: The following steps only apply to periodic uploads. If you have a direct connection to Blue Coat Reporter or are using a continual stream for your logs, the steps below will not work.
1. Generate a private and public key pair which will be saved and imported in your server of choice. The private key will be saved on the server only - it is not needed for the ProxySG steps below.
2. On your ProxySG Management Console, browse to the Configuration tab > SSL > External Certificates
3. Click on the Import button, and paste the public key (certificate) in the box. Click OK and Apply
4. Browse to Access Logging > Logs > Upload Client tab. In the Transmission Parameters section, select the certificate you imported in Step 3 here. Click Apply.
NOTE1: The Bluecoat Reporter application has no capacity to de-crypt the acess logs, at this time. You will need another application to de-crypt them before presenting them to the Bluecoat Reporter application for processing. For details on how to setup acess logs so that Reporter can process them, see 000008692
NOTE2: For details on how to send the access logs over a secure connection, however, see 000011046