Reporting number of SEP WTR users accessing internet via WSS
Article ID: 189842
Updated On:
Products
Cloud Secure Web Gateway - Cloud SWG
Issue/Introduction
It is difficult for a WSS administrator to get an idea on how many SEP-WTR hosts are accessing the WSS services from the regular reporting pages.
Using the downloaded raw access logs does give options to get this info
Using the downloaded raw access logs does give options to get this info
Environment
SEP-WTR access methods enabled for users accessing WSS
Cause
lack of reporting feature in the product (being investigated at the current time)
Resolution
Assuming you download raw logs to a Linux/MacOS or Windows host capable of running bash scripts (https://cygwin.com/install.html), simply run the following command to get the count of all SEP-WTR users accessing the Proxy during the timeframe the logs were captured
$ grep sep-windows\ cloud_xxxx_yyyy.log |awk '{print $7}' |sort | uniq -c|sort -rn | grep -v non-interactive| wc -l
4525
This indicates that 4525 unique users accessed URLs via WSS during the time these logs were taken.
Note:
- xxxx is your tenantID, and
- yyyy is the timeframe the logs represent.
This is the default format for downloaded access log files from WSS.
$ grep sep-windows\ cloud_xxxx_yyyy.log |awk '{print $7}' |sort | uniq -c|sort -rn | grep -v non-interactive| wc -l
4525
This indicates that 4525 unique users accessed URLs via WSS during the time these logs were taken.
Note:
- xxxx is your tenantID, and
- yyyy is the timeframe the logs represent.
This is the default format for downloaded access log files from WSS.
Feedback
Yes
No
Powered by
