Source Tab (New, Edit, and Duplicate Log Source Page)

Configure the source options for your log source.

Option	Definition
Accept log files from the network device	To accept log files from the network device, this information is used to create a logon account: Logon name Password

Note: For more information about accepting log files using FTP(S)/HTTP(S) options, consult the documentation for your network device.

Option	Definition
Accept log files from the network device	This information is used to accept syslog messages files from the network device: Client address Server port Protocol
Web Gateway settings	Specifies the log header. Note: Only available when you select these log formats: Web Gateway (Webwasher) – Auto Discover Web Gateway (MATD) – Auto Discover

Note: For more information about accepting log files using syslog options, consult the documentation for your network device.

Option	Definition
Webwasher server	This information is used to collect log files from the Webwasher server: Device address UI port Logon name Password Connect using TLS
Test	Verifies the connection to the Webwasher server.

Option	Definition
Web Gateway server	This information is used to collect log files from the Web Gateway server: Device address UI port Connect using TLS Logon name Password Appliance name (UUID) Log file base name Automatically collect logs from node with active GUI
Test	Verifies the connection to the Web Gateway server.

Option	Definition
Web Gateway server	This information is used to collect Advanced Threat Defense log files from the Web Gateway server: Device address UI port Connect using TLS Logon name Password Appliance name (UUID) Log file base name Automatically collect logs from node with active GUI
Test	Verifies the connection to the Web Gateway server.

Option

Definition

Web Gateway Cloud Service

This information is used to collect log files from Web Gateway Cloud Service:

Customer ID — Sent in your Web Gateway Cloud Service registration documentation
Logon name
Password
Region — You can specify the region as US, EU, or UK. Verify that your firewall allows communication between:
- For US — https://us.msg.mcafee-cloud.com/mwg/...ting/forensic/
- For EU — https://de.msg.mcafee-cloud.com/mwg/...ting/forensic/
- For UK — https://gb.msg.mcafee-cloud.com/mwg/...ting/forensic/
- For SSE_NA — https://us.msg.mcafee-cloud.com/mwg/...ting/forensic/
- For SSE_EU — https://de.msg.mcafee-cloud.com/mwg/...ting/forensic/
- For SSE_UK — https://gb.msg.mcafee-cloud.com/mwg/...ting/forensic/
- For SSE_SG — https://sg.msg.mcafee-cloud.com/mwg/...ting/forensic/
- For SSE_UE — https://ae.msg.mcafee-cloud.com/mwg/...ting/forensic/
- Content Security Reporter server and the Internet

Content Security Reporter collects 15 maximum days of data from Web Gateway Cloud Service.

Test

Verifies the connection to Web Gateway Cloud Service.

Option	Definition
FTP server	This information is used to collect log files from the FTP, FTPS, or SFTP server: File protocol FTP server address Port Logon name Password Directory
Test	Verifies the connection to the FTP(S) server.

Option	Definition
Report server directory	Specifies the report server directory information.
Test	Verifies the connection to the report server directory.

Option	Definition
Network Security Manager	This information is used to collect log files from Network Security Manager. Device address Device port Logon name Password
Test	Verifies the connection to Network Security Manager.