Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Collections
Apps
Submit an app
Cisco Web Security Appliance (WSA) Insight app icon

Cisco Web Security Appliance (WSA) Insight

Visualize hidden Cisco Web Security Appliance (WSA) statistics, simplify troubleshooting, find performance issues.

Built by Pavel Prostin
splunk product badge
screenshot
screenshot
screenshot
screenshot
screenshot
Latest Version 0.0.11
February 1, 2024
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 5.x, 4.x
Rating

0

(0)

Log in to rate this app
Support
Cisco Web Security Appliance (WSA) Insight support icon
Developer Supported app
Visualize hidden Cisco Web Security Appliance (WSA) statistics, simplify troubleshooting, find performance issues. The advanced logging app for Cisco WSA redefines monitoring and troubleshooting by aggregating diverse logs from Cisco WSA devices. A standout feature is its unparalleled ability to parse and visualize the typically concealed prox_track log, unconfigurable through the GUI. Positioned as both a replacement for and a valuable addition to traditional SNMP-based monitoring, this app excels across various crucial areas: Overview: Comprehensive display of all WSA proxies with current and peak values. Metrics include requests per second, CPU/RAM/Disk load, and server/client connections. Timings and Load Values: In-depth insights into various timings and load values for Authentication, DNS, and other essential modules. Comparative Analysis: Unique functionality to not only display values but also facilitate the comparison of metrics between different systems. Internal Visibility: Leveraging track_stats/prox_track.log, the app provides a profound view into the internal workings of WSA. Correlation Graphs: Build correlation graphs illustrating the relationship between requests per second and system load, enabling the identification of potential bottlenecks. Audit View: A dedicated audit view to track user logins and monitor system changes, ensuring a comprehensive understanding of system activity. Read this Cisco presentation that mentions prox_trac log: https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2018/pdf/BRKSEC-3303.pdf There are 26 panels grouped in 10 views: Overview - Appliance overview Authentication - Auth Helper Service Time - Auth Helper Wait Time - Auth Methods + Auth Cache Client Latency - Client Time Connections - Max Client Connections possible: - Connection Errors and Retries - Client Connections - Server Connections DNS - DNS times - DNS Cache Server Latency - Server Transaction Time - Server Wait Time System Health - free compare - System Health System Health - CPU, Disk, RAM - Requests/sec - Bandwidth - Loads - Stats System - User/System time - Block Input/Output Operations - System - System 2 WBRS - WBRS Service Time - WBRS Wait Time Audit About There is also a compare mode that allows you to view graphs of two or three hosts side by side for visual comparison.

Categories

Created By

Pavel Prostin

Type

app

Downloads

1,866

Licensing

Splunk Answers

Resources

Log in to report this app listing