Upload Logs from Mac or Linux using SFTP
Make sure your log files have the
.log
extension. If using an archive (zip), you can only have one log file per archive.Download the private key from the Netskope Administrator interface.
You may need to change permissions of the private key file to restrict access. Enter this command to change permissions of the downloaded private key file:
chmod 600 customer_sshkey.key
Launch a terminal window and establish an SFTP connection to the Appliance IP
cd upload
Address, specifying the directory where the downloaded private key resides. Next enter this command using the username provided in the Admin UI on the Log > Upload page:sftp -i /privatekey/customer_sshkey.key nstransfer@<appliance IP address>
When connected, go to the
upload
directory (). Next, go to the directory for the device used for generating the log file in the first step. For example, if using Cisco IronPort, you would need to use thecisco-wsa
directory (cd cisco-wsa
). If using Blue Coat logs, go to 'proxysg-http-main
' (cd proxysg-http-main
).Upload the log file(s) using the
mput
command (mput /logs/cisco-ironport.log
)After the logs are uploaded, it will take some time for the system to parse the logs and show events in Skope IT. The larger the log files, the more time it will take.