Part 2: Configure the central Log Server

Steps

  1. Go to the central Log Server machine and use the Windows Services tool to stop Websense Log Server service.
  2. Navigate to the bin directory (C:\Program Files\Websense\Web Security\bin, by default) and open the LogServer.ini file in a text editor.
  3. Search for the phrase “Centralized LogServer,” then make the following changes: 
    [CacheFileWatcher]
Active=true
TimeInterval=180
FilePath=<path_to_shared_cache_folder>
    • Set the Active parameter to true to configure the central Log Server to process cache files from remote Log Server instances.
    • Optionally, edit the TimeInterval value to determine how frequently (in seconds) the central Log Server checks the cache directory for new files to process.
    • Set the FilePath parameter to the shared directory you created in Part 1 of this procedure (C:\Program Files\Websense\Web Security\bin\logscache\, for example).
  4. Next, search for [Visits] section of the file to change the UsingVisits parameter to false. (This can also be configured via the Web > Settings > Reporting > Log Server page in the Forcepoint Security Manager.) The section looks like this: 
    [Visits]
VisitTime=10
UsingVisits=false
VisitSortTimeDelay=30

    This ensures that visits processing (if enabled) is performed only once, by the remote Log Server instances.

    Note: When centralized logging is used, log record consolidation is automatically disabled on remote Log Server instances. To use log record consolidation, enable it for the central Log Server.
  5. Save and close the file.
  6. To configure this Log Server instance to run as the domain user created in Part 1 of this procedure:
    1. In the Windows Services tool, right-click Websense Log Server and select Properties.
    2. Select the Log On tab, then, under “Log on as,” click This account.
    3. Browse to the domain user created for this purpose, then enter and confirm the account password.
    4. When you are finished, click OK to return to the main Services window.
  7. To start Log Server, right-click Websense Log Server again, then select Start.