Skip to main content
Skyhigh Security

Install and Configure the Logging Client

Before you configure the Logging Client, download and install the Logging Client. To download installers for your system, see Download the Logging Client.

Prerequisites

Before you install the Logging Client, make sure the following requirements are met:

  • Usage Analytics Users — Your account must have the Usage Analytics Users role.
  • Customer ID — You can find the Customer ID in your welcome email. You can also find it in Skyhigh CASB.
    • Follow the below steps to find your Customer ID in Skyhigh CASB:
      1. Log in to Skyhigh CASB.
      2. Go to Settings > Infrastructure > Client Proxy Management
      3. Click Global Configuration > Tenant Authentication
      4. Under Global Settings, you can find your Customer ID displayed.
  • Email address and password — Your log-on credentials are used to identify your log files. If you log in using SAML without submitting a password, you cannot install the Logging Client.
  • Syslog information  If you are planning to use the Logging Client to send logs to a Syslog server, you need the client host and port number. The log file sent to the Syslog server is in .csv format over TCP or UDP.

Warning: Install only one instance of the Logging Client on a server. Installing multiple instances on a server can lead to issues when multiple users work with them at the same time to pull log data.

Install and Configure the Logging Client

To install and configure the Logging Client, perform the following steps:

  1. Unzip the .exe file from the downloaded Logging Client.
  2. By default, the Logging Client is installed on your desktop. Launch the installer.
  3. Once installed, open the Logging Client and then, on the configuration page, configure these options:
    logging_client_configuration page.png
Fields Description
Customer ID  You can find the Customer ID in an email that was sent to you when you start using Skyhigh SSE or WGCS products together with Trellix ePO. If there is a letter in the ID, do not include it.
Service Choose SSE if you are using Skyhigh SSE or WGCS if you are using this product together with Trellix ePO.
Region

Choose a regional or country code depending on where your data is stored:

  • EU — European Union
  • IN  — India
  • SG — Singapore
  • UE — United Arab Emirates
  • UK — United Kingdom
  • US — United States
Name

Enter your user name, which is most commonly the email address you use to log on to Secure Web Gateway.
You can use your own user name or you can create an account for a new user who will be the dedicated user for reporting.

For information on how to create this account, see Create a new user.

Password Enter the password you use to log on to Secure Web Gateway. If you log on with SAML, you cannot use the Logging Client.
API version

Enter the version of the API that downloads the fields that you want to log. It is recommended to use the latest API version.

For more information on the fields each version of the API captures, see Reporting Fields.

Log Type

You can download different types of logs, including logs with data originating from the Web, Remote Browser Isolation (RBI), Private Access, and Cloud Firewall. By default, the log type is selected as Web. The Logging Client now downloads log data based on what you have configured.

NOTE: If the API version entered is greater than or equal to 9 and the Service selected is SSE, then you can select the different log types in the menu. Else, the default option is set to Web.

Save in a folder Downloads the logs to your local system. If you select this option, choose the path to download the logs to your system.
Send as Syslogs

New logs are sent to a Syslog server. If you select this option, enter a host and port under Syslog-Client Host and Syslog-Client Port for the Syslog server.

For more information on Syslog, see Use Syslog with the Logging Client.

Transport Transfers the data to the Syslog server using TCP or UDP mode depending on your selection.

The below buttons on the Configuration page provides the purpose to configure and run the Logging Client Services: 

Buttons Description
Reset Fields Resets the values of all fields on the configuration page to their default values.
Uninstall Service Uninstalls the Logging Client Service.
Update Service Updates the Logging Client Service with the latest values that you configured for it.
Stop Service

Stops the Logging Client Service.

Test User  Checks the credentials that were submitted on the configuration page to authenticate a user. You should test the service before clicking Install Service.
Install Service Installs and starts the Logging Client Service.

clipboard_e1da59ad14da5bc48e68d72fe91b04e8f.png

Button Description
Restart Service Restarts the Logging Client Service. This option appears only when Logging Client Service is installed and running.

clipboard_e7282eb51636624b1c0852b629b59b487.png

Button Description
Start Service Starts the Logging Client Service. This option appears only if the Logging Client Service is installed and not in a running state.
  • Was this article helpful?