Blue Coat Web Security Service REST API connector configuration options
To receive events from Blue Coat Web Security Service, configure a data source to use the Blue Coat Web Security Service REST API connector.
The Blue Coat Web Security Service REST API connector is an active outbound connector that queries the Blue Coat Web Security Service Sync API and retrieves recently hardened log data from the cloud.
| Parameter | Description |
|---|---|
| Log Source Identifier |
Type a unique name for the log source. The Log Source Identifier can be any valid value and does not need to reference a specific server. It can also be the same value as the Log Source Name. If you have more than one configured Blue Coat Web Security Service REST API log source, ensure that you give each one a unique name. |
| API Username | The API user name that is used for authenticating with the Blue Coat Web Security Service. The API user name is configured through the Blue Coat Threat Pulse Portal. |
| Password | The password that is used for authenticating with the Blue Coat Web Security Service. |
| Confirm Password | Confirmation of the Password field. |
| Use Proxy |
When you configure a proxy, all traffic for the log source travels through the proxy for the QRadar® product to access the Blue Coat Web Security Service. Configure the Proxy IP or Hostname, Proxy Port, Proxy Username, and Proxy Password fields. If the proxy does not require authentication, you can leave the Proxy Username and Proxy Password fields blank. |
| Recurrence | You can specify when the log collects data. The format is M/H/D for Months/Hours/Days. The default is 5 M. |
| EPS Throttle | The upper limit for the maximum number of events per second (EPS). The default is 5000. |