As an administrator, I would like to ingest the Cloud Secure Web Gateway (SWG) proxy raw access logs into my Splunk Enterprise instance.
Cloud Secure Web Gateway (SWG)
The configuration needed on the Splunk and WSS portal:
Please note: Symantec Splunk Apps are freely downloadable and editable. As such, they are unsupported by Symantec and are provided to assist with Splunk integration efforts.