This add-on provides field extractions and CIM compatibility for the Bluecoat ProxySG Console logs. Splunk users with Bluecoat proxies can use this to feed into Enterprise Security events relating to Authentication and Change Analysis for the proxy itself. This add-on does not support the proxy access logs already supported by the Splunk-built Bluecoat TA.

Release Notes

Version 1.0
June 14, 2017

The TA-bluecoat_console allows a Splunk® Enterprise administrator to get field extractions for the console and system messages of the proxy, supplying data to both the Authentication and Change Analysis datamodels.

Close off Canvas Menu