search cancel

Test log export from Web Security Service for use in a SIEM


Article ID: 173283


Updated On:


Web Security Service - WSS


As an administrator, I would like to verify/test the export of the logs from WSS use in a SIEM such as Splunk, or others.


Web Security Service



  1. Use curl to test. Download it here.
  2. Generate WSS API Credentials.
  3. Use the following command to run the query using the curl application:
curl -vvv "" -H "X-APIUsername: APIUsername" -H "X-APIPassword: APIPassword" -o
  • Replace the ‘APIUsername’ and ‘APIPassword’ with the username and password for the API key that is set up in the WSS portal.
  • Replace the startDate value (i.e.1525917600000) with a recent timestamp value obtained using the Epoch time converter:
  • Be sure to use the "Timestamp in milliseconds" value in the curl command. 

It is recommended that a recent date be used when generating a timestamp and running the command. For example, a date from a couple of days ago to a week ago. This helps to ensure that a large amount of data is not downloaded during the test. The main purpose of the curl command is to test to ensure the log export is working through the API and logs from a recent date should be sufficient to test this. 

If the command is successful, a log file should be generated within the directory from where the command is being run. This indicates that the API is available and working as expected using the provided API credentials.

Additional Information