Blue Coat ProxySG

Blue Coat ProxySG

Cyfin is 100 percent compatible with Blue Coat appliances. Cyfin reads Blue Coat log files wherever they're stored, and processes the data into a variety of useful reports.

Company Overview

Founded in 1996 as CacheFlow, the company focused on caching appliances for Internet service providers. In 2002 the company changed its focus to Internet security appliances and was renamed Blue Coat Systems. The company is a provider of advanced Web security solutions for global enterprises and governments, protecting users from cyber threat--whether they are on the network, on the Web, in the cloud, or mobile. In 2016 Symantec acquired Blue Coat, combining the strength of both companies to provide security solutions across endpoints, servers, e-mail messages, and Web transactions.


Cyfin - Blue Coat Configuration

Cyfin is installed on a server, not on the Blue Coat appliance.


Log File Setup

Log File Format:  Cyfin supports log file formats Squid, Common, and W3C. Make sure your appliance is configured to one of these formats. Note also that regardless of format, Cyfin requires certain log file fields as a minimum. By default, log file formats Squid and Common automatically contain all the required fields. On the other hand, W3C most likely will not contain all the required fields. In this case, you may need to add one or more fields.

FTP Configuration:  If your log files are currently being FTPed, determine the destination server/directory. If you plan to install Cyfin on the server where Blue Coat log files reside, no further action is needed. If you are not installing Cyfin on the same server, use your Blue Coat Management Console to configure your logs to be scheduled for FTP transfer to the server on which Cyfin is installed.

Default Directory:  [InstallPath]\wc\cf\log

NOTE:  Wavecrest highly recommends using the Squid log file format if possible. The W3C format routinely changes, and thus support of that format can be intermittent.


Configuration Notes

  • Installation.  Install Cyfin on the previously identified server (see diagram above).
  • Cyfin log file configuration.  Configure the following settings under Log Data Source - Setup in your Cyfin browser interface:
    • Type of proxy/firewall.  Blue Coat SGOS 3 & 4 & 5.
    • Log file location.  This is the directory to which the logs are FTPed. The Cyfin default directory is [InstallPath]\wc\cf\log, but you can easily change it.
  • Log file validation.  The log file configuration process will automatically validate your log files. Now you are ready to run reports.

Required Log File Fields

Squid and SGOS 3 & 4 & 5 required log file fields:

  • Header Record: NO
  • Character Delimiter: SPACE
  • Positions:
    • User Name = 8
    • IP Address = 3
    • Date = 1
    • Time = contained in date
    • Protocol = 6 (CONNECT is for ssl)
    • URL = 7
    • Result Code = 4
    • Size = 5
  • Date/Time Formats:
    • Milliseconds Format Only

Common Format and SGOS 3 & 4 & 5 required log file fields:

  • Header Record: NO
  • Character Delimiter: SPACE
  • Positions:
    • User Name = 3
    • IP Address = 1
    • Date = 4
    • Time = contained in date
    • URL = 7
    • Result Code = 8
    • Size = 9
  • Date/Time Formats:
    • [D/M/YYYY:HH:MM:SS
    • [DD/MM/YYYY:HH:MM:SS
    • [D/MM/YYYY:HH:MM:SS
    • [DD/M/YYYY:HH:MM:SS

W3C required log file fields:

  • date
  • time
  • c-ip
  • cs-method
  • cs-host
  • cs-uri-stem
  • sc-status
  • cs-username
  • sc-bytes

W3C and SGOS 3 & 4 & 5 required log file fields:

  • date
  • time
  • c-ip
  • cs-method
  • cs-uri-stem
  • sc-status
  • cs-username
  • sc-bytes
© Copyright 1996-2018 Wavecrest Computing. All Rights Reserved.

Trusted Worldwide

Free Trial
Price Quote
"We discovered that Cyfin was flexible, providing us with the details needed to make adjustments to our Policies and Bandwidth, as well as increasing employee’s productivity."

-Allen Lochamy, Atlanta Bonded Warehouse
LEGAL PRIVACY | © Copyright 1996-2018 Wavecrest Computing. All Rights Reserved.
Facebook Twitter Linkedin Blog Google+ YouTube Knowledge Base