Uploading Access logs from a ProxySG Appliance to SCP client.
search cancel

Uploading Access logs from a ProxySG Appliance to SCP client.

book

Article ID: 280456

calendar_today

Updated On: 03-10-2024

Products

ProxySG Software - SGOS

Issue/Introduction

Steps to upload Access logs from a ProxySG Appliance to SCP client.

Resolution

(Introduced in SGOS version 6.7.2) The Secure CoPy (SCP) protocol allows you to transfer data securely over an SSH connection. If your site has an SSH server, you can configure an SCP client for secure access log uploads. Using the SCP client is useful if your organization does not permit other secure methods such as HTTPS or FTPS. The following content can be located in the SGOS Administration Guide on the Symantec support site.
Hosts, client keys, HMACs, and ciphers for outbound SSH connections must be configured before establishing an SCP client. If this has not been done, refer to "Authenticating Outbound SSH Client Connections"
 
Editing the SCP Client
The following instructions are performed in the ProxySG management console.
  • Select Configuration > Access Logging > Logs > Upload Client.
  • Select SCP Client from the Client type drop-down list and click Settings.
  • On the settings dialog, specify whether this is the primary or alternate SCP server from the Settings for drop-down list.
  • Enter server settings as appropriate:
  • Host: The name of the upload client host. The host can be defined as an IPv4 or IPv6 address or a domain name that resolves to an IPv4 or IPv6 address.
  • Port: If you specified an IP address for the host, specify a port number; the default is 2024.
  • Upload path: The directory path on the server where the access log is to be uploaded.
  • User name: A username that exists on the host you are configuring.
  • Password: The password for the host. Click Change [Primary | Alternate] Password to enter and confirm a new password; then, click OK.
  • Filename: The log filename format, which supports the following specifiers and text:
    - %f for the log name
    - %c for the name of the external certificate used for encryption, if applicable. If you use more than one external certificate to encrypt logs, include this specifier to keep track of which external certificate was used to encrypt the uploaded log file.
    - %l for the fourth parameter of the appliance IP address
    - %m and %d are date specifiers (month and day, respectively)
    - %H%, %M, and %S are time specifiers (hour, minute, and second, respectively)
    - gzip.log or log for the log file extension
     
  • Timestamp: The timestamp format used in access log entries and filenames. Select UTC for the UTC standard. Select Local time for the local time zone.
  • Click OK.
  • Click Apply.
Enabling a server for SCP transfer
The following instructions are performed in the ProxySG management console.
  • Select Configuration > Authentication > SSH Outbound Connections > Known Hosts. Show screen...
  • Select a Known Host.
  • Click Apply.

Designating a Local User
The following instructions are performed in the Reporter web UI. Reporter must have a configured local user (non-administrator) account to provide a user with SCP access. Only a local, non-administrator user can acquire SCP access; administrators cannot be given SCP access. For local user creation, refer to Create a New Reporter User.

  • Select Administrator > General Settings > Server Settings.
  • In the SCP Server Settings section, select Enable SCP server.
  • Select a user (non-administrator) for SCP access.
  • Click Save.
Powered by Wolken Software