Install and Configure the Logging Client
Before you configure the Logging Client, download and install the Logging Client. To download installers for your system, see Download the Logging Client.
Prerequisites
Before you install the Logging Client, make sure the following requirements are met:
- Usage Analytics Users — Your account must have the Usage Analytics Users role.
- Customer ID — You can find the Customer ID in your welcome email. You can also find it in Skyhigh CASB.
- Follow the below steps to find your Customer ID in Skyhigh CASB:
- Log in to Skyhigh CASB.
- Go to Settings > Infrastructure > Client Proxy Management.
- Click Global Configuration > Tenant Authentication.
- Under Global Settings, you can find your Customer ID displayed.
- Follow the below steps to find your Customer ID in Skyhigh CASB:
- Email address and password — Your log-on credentials are used to identify your log files. If you log in using SAML without submitting a password, you cannot install the Logging Client.
- Syslog information — If you are planning to use the Logging Client to send logs to a Syslog server, you need the client host and port number. The log file sent to the Syslog server is in .csv format over TCP or UDP.
Warning: Install only one instance of the Logging Client on a server. Installing multiple instances on a server can lead to issues when multiple users work with them at the same time to pull log data.
Install and Configure the Logging Client
To install and configure the Logging Client, perform the following steps:
- Unzip the .exe file from the downloaded Logging Client.
- By default, the Logging Client is installed on your desktop. Launch the installer.
- Once installed, open the Logging Client and then, on the configuration page, configure these options:
| Fields | Description |
|---|---|
| Customer ID | You can find the Customer ID in an email that was sent to you when you start using Skyhigh SSE or WGCS products together with Trellix ePO. If there is a letter in the ID, do not include it. |
| Service | Choose SSE if you are using Skyhigh SSE or WGCS if you are using this product together with Trellix ePO. |
| Region |
Choose a regional or country code depending on where your data is stored:
|
| Name |
Enter your user name, which is most commonly the email address you use to log on to Secure Web Gateway. For information on how to create this account, see Create a new user. |
| Password | Enter the password you use to log on to Secure Web Gateway. If you log on with SAML, you cannot use the Logging Client. |
| API version |
Enter the version of the API that downloads the fields that you want to log. It is recommended to use the latest API version. For more information on the fields each version of the API captures, see Reporting Fields. |
| Log Type |
You can download different types of logs, including logs with data originating from the Web, Remote Browser Isolation (RBI), Private Access, and Cloud Firewall. By default, the log type is selected as Web. The Logging Client now downloads log data based on what you have configured. NOTE: If the API version entered is greater than or equal to 9 and the Service selected is SSE, then you can select the different log types in the menu. Else, the default option is set to Web. |
| Save in a folder | Downloads the logs to your local system. If you select this option, choose the path to download the logs to your system. |
| Send as Syslogs |
New logs are sent to a Syslog server. If you select this option, enter a host and port under Syslog-Client Host and Syslog-Client Port for the Syslog server. For more information on Syslog, see Use Syslog with the Logging Client. |
| Transport | Transfers the data to the Syslog server using TCP or UDP mode depending on your selection. |
The below buttons on the Configuration page provides the purpose to configure and run the Logging Client Services:
| Buttons | Description |
|---|---|
| Reset Fields | Resets the values of all fields on the configuration page to their default values. |
| Uninstall Service | Uninstalls the Logging Client Service. |
| Update Service | Updates the Logging Client Service with the latest values that you configured for it. |
| Stop Service |
Stops the Logging Client Service. |
| Test User | Checks the credentials that were submitted on the configuration page to authenticate a user. You should test the service before clicking Install Service. |
| Install Service | Installs and starts the Logging Client Service. |
| Button | Description |
|---|---|
| Restart Service | Restarts the Logging Client Service. This option appears only when Logging Client Service is installed and running. |
| Button | Description |
|---|---|
| Start Service | Starts the Logging Client Service. This option appears only if the Logging Client Service is installed and not in a running state. |