2013-08-27 08:10 AM
How can I integrate Websense with RSA Security Analytics?
2013-08-27 01:33 PM
Rocky,
My company just started playing around with integrating Websense and SA. In newer versions, 7.7 or higher I believe, there is a setting within Websense called SIEM integration. It is pretty straightforward when it comes to syslog. Check out this document on knowledge.rsasecurity.com:
https://knowledge.rsasecurity.com/docs/rsa_env/device_config/Websense.pdf
This document provides instructions for configurations on various versions of Websense and different log types.
Hope this helps!
Regards,
James
2013-09-03 07:10 PM
Rocky -
Can you elaborate on how you want to integrate with Websense?
If you just want to send Websense logs to Security Analytics for Logs, Websense has an option to send data out as syslog.
Yes - http://www.websense.com/content/support/library/web/v75/wcg_help/logs.aspx
The logs can be formatted a bunch of different ways, but they can be formatted as squid logs like this: http://www.websense.com/content/support/library/web/v75/wcg_help/squid.aspx#602688 which is a standard proxy format that can be ingested by Security Analytics.
Those links are a little old (Websense 7.5); there may be a newer, better, faster method available from Websense.
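
An added example, not part of the original posts: before pointing Squid-formatted Websense output at Security Analytics, a small parser can confirm that sampled lines really follow that layout. It assumes the standard Squid native access.log field order; the sample lines, addresses and user names are constructed.

```python
import re
from datetime import datetime, timezone

# Assumed layout (standard Squid native access.log; confirm against your Websense output):
# time elapsed client action/status bytes method URL user hierarchy/peer content-type
SQUID_NATIVE = re.compile(
    r"^(?P<ts>\d+\.\d{3})\s+(?P<elapsed_ms>\d+)\s+(?P<client>\S+)\s+"
    r"(?P<action>[A-Z_]+)/(?P<status>\d{3})\s+(?P<bytes>\d+)\s+"
    r"(?P<method>[A-Z_]+)\s+(?P<url>\S+)\s+(?P<user>\S+)\s+"
    r"(?P<hierarchy>[A-Z_]+)/(?P<peer>\S+)\s+(?P<content_type>\S+)$"
)

def parse_squid_line(line):
    """Return a dict of typed fields, or None if the line is not in the assumed layout."""
    m = SQUID_NATIVE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["time"] = datetime.fromtimestamp(float(rec.pop("ts")), tz=timezone.utc)
    for key in ("elapsed_ms", "status", "bytes"):
        rec[key] = int(rec[key])
    if rec["user"] == "-":          # "-" means no authenticated user was logged
        rec["user"] = None
    return rec

def check_sample(lines):
    """Split a log sample into parsed records and the 1-based numbers of rejected lines."""
    parsed, rejected = [], []
    for number, line in enumerate(lines, 1):
        rec = parse_squid_line(line)
        if rec is None:
            rejected.append(number)
        else:
            parsed.append(rec)
    return parsed, rejected

# Constructed sample: two lines in Squid native layout, one in some other syslog layout.
SAMPLE = [
    "1377590400.123    245 10.0.0.15 TCP_MISS/200 5120 GET http://example.com/index.html jdoe DIRECT/192.0.2.10 text/html",
    "1377590401.456      3 10.0.0.22 TCP_DENIED/403 1350 CONNECT blocked.example.net:443 - NONE/- -",
    "Aug 27 08:00:02 proxy01 10.0.0.15 - jdoe GET http://example.com/",
]

if __name__ == "__main__":
    ok, bad = check_sample(SAMPLE)
    for rec in ok:
        print(rec["time"].isoformat(), rec["client"], rec["action"], rec["status"], rec["url"])
    print("lines not in Squid native layout:", bad)
```

Rejected line numbers point to events that would arrive at the collector in a layout other than the one assumed here.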