# Universal Log Transfer

## Netacea Universal Offline POV Guide

To send log data to Netacea for analysis when real-time streaming or platform integrations are not viable, you can use the **AWS Command Line Interface (CLI)** to complete a one-off upload to a secure, Netacea-hosted Amazon S3 bucket. Below are the documented steps required to install and use the AWS CLI to perform a secure transfer.

### Pre-requisites

To successfully complete an offline log transfer to Netacea, please ensure the following:

* The **AWS CLI** is installed and confirmed to be working on your machine.
* You have received the necessary S3 bucket details (bucket name and ARN) from Netacea. These can be found [here](https://netacea.gitbook.io/portal-docs/user-guides-and-videos/portal-setup-and-log-shipping-guide).
* You have created a **test file** that can be used to validate the connection before transferring actual data.
* You are using a machine that:
  * Allows **command-line access**
  * Has **permission to install and run CLI tools**
  * Has **access to the log file(s)** intended for upload

{% hint style="info" %}
You do not need to provision any of the S3 Bucket infrastructure or associated credentials as these will be provided to you.
{% endhint %}

#### Step 1: Install the AWS CLI

Download the AWS CLI from the official source based on your operating system:

* **Windows (64-bit)**
* **macOS (PKG Installer)**
* **Linux (Installer)**
* **Amazon Linux (AMI)**

👉 [AWS CLI download link](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html)

After downloading, run the installer and follow the on-screen prompts.

To confirm successful installation, run the following command in your terminal or command prompt:

```
aws --version
```

#### **Step 2: Configure the AWS CLI**

Use the provided credentials to set up your environment:

```
aws configure
```

You will then be asked to input some additional details. The table below explains what information needs to be provided and where this can be located from:

<table><thead><tr><th width="245">Name</th><th>Value</th></tr></thead><tbody><tr><td>AWS_ACCESS_KEY_ID</td><td>Obtained from the Netacea <a href="https://portal.netacea.com/">admin portal</a></td></tr><tr><td>AWS_SECRET_ACCESS_KEY</td><td>Obtained from the Netacea <a href="https://portal.netacea.com/">admin portal</a></td></tr><tr><td>AWS_DEFAULT_REGION</td><td>eu-west-1</td></tr></tbody></table>

#### **Step 3: Test Access with a Sample File**

Ensure that you have created a small test file (this can be empty) to verify access:

```
aws s3 cp localtestfile.txt s3://name-of-bucket 
```

* Replace `/full/path/to/testfile.txt` with the actual path to your test file
* Replace `<bucket-name>` with the S3 bucket name provided by Netacea

Once uploaded, contact the **Netacea Solutions Engineering team** to confirm that the file was received successfully.

#### **Step 4: Upload the Log Data**

After confirmation from Netacea, you may proceed with uploading your full log file using the same command:

```
aws s3 cp localtestfile.txt s3://name-of-bucket 
```

Make sure to:

* Replace `/full/path/to/logfile.log` with the actual path to your log file
* Use the same bucket name as provided
* Ensure the upload completes without errors.

### Netacea Minimum Dataset

To perform a successful Proof of Value (PoV), the log file(s) you upload must include the following fields:

<table><thead><tr><th width="215">Required Fields</th><th>Description</th></tr></thead><tbody><tr><td>Timestamp</td><td>The time at which the request was received</td></tr><tr><td>IP Address</td><td>The IP address from which the request was made</td></tr><tr><td>User Agent</td><td>The user agent string sent in the header by the client</td></tr><tr><td>Method</td><td>The HTTP method of the request</td></tr><tr><td>Path</td><td>The path of the requested resource</td></tr><tr><td>Query</td><td>The query string of the request</td></tr><tr><td>Status</td><td>The HTTP status code returned by the server</td></tr><tr><td>Referrer</td><td>The web page the user followed a link from</td></tr><tr><td>Bytes Sent</td><td>The Bytes sent as part of the servers response</td></tr><tr><td>Client JA3</td><td>Clients JA3 fingerprint (if available)</td></tr><tr><td>X-Forwarded-For*</td><td>Connecting IP address [array] of a client request, if proxied</td></tr><tr><td>True Client IP*</td><td>The trusted source of the original client IP</td></tr><tr><td>Host</td><td>The destination host of the request</td></tr><tr><td>Protocol</td><td>The protocol of the request</td></tr><tr><td>Request Time</td><td>The complete amount of time it took to process the request</td></tr></tbody></table>

\* Useful for when proxies are in the line of traffic from client > origin.

### Final Steps

Once log delivery is active, **notify your Netacea Solutions Engineer**. This allows us to:

* Confirm receipt of data
* Validate the dataset format and completeness
* Begin analysis once a sufficient volume of data has been collected

If you require support during setup, the Netacea SE team is here to help — don’t hesitate to reach out.