SIEM integration with Cloud SWG (aka WSS)
search cancel

SIEM integration with Cloud SWG (aka WSS)


Article ID: 171280


Updated On:


Cloud Secure Web Gateway - Cloud SWG


You have a SIEM that needs to analyze log files from Cloud SWG (aka WSS).


 There is a REST API that can be used to integrate your SIEM with Cloud SWG.

  1. Create the API Key on Cloud SWG portal

    Implement the Sync API for Log Syncing

  2. Once the API Key is generated, WSS provides the API method for the SIEM to download logs from the Cloud SWG. The SIEM tools need to pull those logs via HTTPS and with the configured API Key.

  3. You need to involve your SIEM administrator to help you to consume the logs downloaded via SyncAPI. Symantec's technical support only provides the API Key and interface to download the logs.


1681291118441__PDF_SyncAPI_2020.pdf get_app