Extracting BCWF username and password from Security Analytics

book

Article ID: 169175

calendar_today

Updated On:

Products

Security Analytics

Issue/Introduction

If you are troubleshooting authentication or network access issues, knowing what credentials the Security Analytics appliance is using is very helpful.  This also allows you to go to a web browser and attempt to download the BCWF database manually just to make sure the credentials are accurate.  It is best to test the download of the BCWF file from a workstation on the same network as the Security Analytics appliance.

Resolution

Log in as root via SSH.

Run the following command:

echo "SELECT (SELECT value AS username FROM meta WHERE name = 'accountId') AS username, (SELECT value AS passwd FROM meta WHERE name = 'licenseKey') AS passwd" | su - postgres -c 'psql dsweb'

Output should be similar to this:

Last login: Wed Aug 24 09:58:54 MDT 2016
stdin: is not a tty
stdin: is not a tty
      username      |       passwd        
--------------------+---------------------
 0015000000xxxxxxxx | AAAA-BBBB-CCCC-DDDD
(1 row)

​Go to a web browser and enter this URL:  https://list.bluecoat.com/bcwf/activity/download/bcwf.db

Use the username and passwd from the database command to confirm you are able to authenticate and download the bcwf.db file.

Alternatively, you can use a wget command from either your workstation or from the Security Analytics appliance itself as shown below:

wget --no-check-certificate --user=username --password=passwd https://list.bluecoat.com/bcwf/activity/download/bcwf.db