Configuring Cisco WSA (Web Security Appliance) with SYSLOG Server
To configure Cisco WSA to send logs to your FTP Server:
Log into your Cisco WSA web admin console and go to System Administration | Log Subscriptions
Click accesslogs under the ‘Log Name’ column. Set the log style to Squid Details In the Custom Fields section enter:
#Fields: %L %e %a %k %B %A %w/%h %s %q %g %p %R %c %XF %Y
This adds some useful fields such as referrer URL that WebSpy Vantage utilizes in reports. Set the Retrieval Method to FTP on Remote Server. Leave the Maximum Time Interval between Transferring as the default (3600). Enter the FTP Host, Directory, Username and Password of your FTP server.
Click Submit to save your changes.
Commit the changes to take effective