Processing Log Data Received via FTP
Receiving input from a connector via FTP requires that some steps be performed outside of the appliance. The following steps allow for the successful transfer of log data.
-
Enable FTP on the appliance. For detailed instructions, see Enabling FTP.
-
Configure the SmartConnector. For instructions on how to do this, see the SmartConnector Configuration Guide for Blue Coat ProxySG.
-
Configure the device. For instructions on how to do this, see the documentation for your device.
Tip: When configuring the Blue Coat SmartConnector for use with FTP, set up the SmartConnector to delete files after processing. This step helps to prevent an over accumulation of files on the FTP server.
To do so, in the agent.properties
, change agents[0].foldertable[0].mode=RenameInSameDirectory
to agents[0].foldertable[0].mode=
DeleteFile.
Tip: When configuring the Blue Coat SmartConnector for use with FTP, point the connector to /opt/arcsight/incoming/<or subdirectory>
.