Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We have customized our access logs following this guide (for Splunk):https://www.splunk.com/blog/2016/10/14/splunk-cisco-web-security-appliance-wsa-bff-dear-it-admin-my-internet-is-so-slow.html Is there any way that the Advanced Reporting console can...
Was there ever a solution found for this?
We are experiencing the same problem... basically only blocked traffic is being sent to our Syslog server, and our Defense Center logs roll fairly quickly so troubleshooting is nearly impossible.
I would be interested in learning more of how people are using this feature.
Here is some documentation I found:
https://www.cisco.com/c/dam/en/us/products/collateral/security/firesight-management-center/at-a-glance-c45-738455.pdf
https://www.cisco...
Has anyone investigated this Microsoft script to generate a PAC file that will bypass WSA for Office365 traffic?
https://blogs.technet.microsoft.com/undocumentedfeatures/2015/11/16/office-365-pac-file/
A concern would be a PAC file that's 300+ lines ...
Please be advised that the Office365 feed provided by Microsoft contains other sites you may not want to allow, such as:FacebookYoutubemail.google.comdropbox.comevernote.com HUGE vulnerability!!! We manually export the XML into another XML that we th...
