CloudSOC CASB Gateway

 View Only

  • 1.  Audit- SCP/SFTP Connection Method

    Posted Nov 28, 2017 05:13 PM

    Experts, 

           I just want to test how SCP/SFTP Connection method works for Audit device logs. I uploaded logs from ProxySG to FTP Server, periodically every 30 minutes (Since the Upload Path in ProxySG has limitted characters, I cannot enter the Datasource path). 

    I am using Windows(not linux), and Is there any way I can push all the logs to the Elastica Audit from FTP using PuTTY automatically?

    Thanks, 

    Kenneth 



  • 2.  RE: Audit- SCP/SFTP Connection Method

    Posted Dec 09, 2017 11:43 AM

    Gerenally, this would come from the ProxySG itself. It should have the capability to push logs up to Elastica. Additionally, you can use Elastica's SpanVA, which is a virtual appliance that collects firewall and proxy logs from your various network devices and proxies and sends them to Elastica for processing. Then you can audit your data to evaluate your shadow IT exposure.



  • 3.  RE: Audit- SCP/SFTP Connection Method

    Posted Dec 15, 2017 02:59 PM

    Hey Brian, 

           The Datasource path is too long to enter on the ProxySG (can we make it shorter?). Also, what port number should we use, 21 or 22? 

    Thanks, 

    Ken