Skip to main content

Netskope Help

Upload Logs from Mac or Linux using SFTP

  1. Make sure your log files have the .log extension. If using an archive (zip), you can only have one log file per archive.

  2. Download the private key from the Netskope Administrator interface.

  3. You may need to change permissions of the private key file to restrict access. Enter this command to change permissions of the downloaded private key file:chmod 600 customer_sshkey.key

  4. Launch a terminal window and establish an SFTP connection to the Appliance IP cd upload Address, specifying the directory where the downloaded private key resides. Next enter this command using the username provided in the Admin UI on the Log > Upload page: sftp -i /privatekey/customer_sshkey.key nstransfer@<appliance IP address>

  5. When connected, go to the upload directory (). Next, go to the directory for the device used for generating the log file in the first step. For example, if using Cisco IronPort, you would need to use the cisco-wsa directory (cd cisco-wsa). If using Blue Coat logs, go to 'proxysg-http-main' (cd proxysg-http-main).

  6. Upload the log file(s) using the mput command (mput /logs/cisco-ironport.log)

  7. After the logs are uploaded, it will take some time for the system to parse the logs and show events in Skope IT. The larger the log files, the more time it will take.

In this section: