search cancel

Symantec Web Security Service App for Splunk

book

Article ID: 175678

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

Utilize the Symantec Web Security Service (WSS) App for Splunk.

Environment

Web Security Service

Splunk

Resolution

The Symantec WSS App for Splunk is intended to do data collection, data normalization, and visualization of real-time data through API calls. This App utilizes the Technology Add-on feature of Splunk so that users can import their access logs from WSS into Splunk.

Please refer to the WSS Splunk App page and the WSS Splunk App documentation for more details. You can also review the README.txt inside the .tar file for installation, configuration, troubleshooting, and log files.

Customers can also download WSS access logs using scripting or other SIEM applications. Please refer to the Near Real-Time Sync API documentation for assistance with proper implementation. For further troubleshooting, if you need to perform a test to see if WSS is responding to API calls, please use curl to test downloading a log from your WSS 

Please note: Symantec Splunk Apps are freely downloadable and editable. As such, they are unsupported by Symantec and are provided to assist with Splunk integration efforts.