# Universal Log Transfer

## Netacea Universal Offline POV Guide

To send log data to Netacea for analysis when real-time streaming or platform integrations are not viable, you can use the **AWS Command Line Interface (CLI)** to complete a one-off upload to a secure, Netacea-hosted Amazon S3 bucket. Below are the documented steps required to install and use the AWS CLI to perform a secure transfer.

### Pre-requisites

To successfully complete an offline log transfer to Netacea, please ensure the following:

* The **AWS CLI** is installed and confirmed to be working on your machine.
* You have received the necessary S3 bucket details (bucket name and ARN) from Netacea. These can be found [here](https://netacea.gitbook.io/portal-docs/user-guides-and-videos/portal-setup-and-log-shipping-guide).
* You have created a **test file** that can be used to validate the connection before transferring actual data.
* You are using a machine that:
  * Allows **command-line access**
  * Has **permission to install and run CLI tools**
  * Has **access to the log file(s)** intended for upload

{% hint style="info" %}
You do not need to provision any of the S3 Bucket infrastructure or associated credentials as these will be provided to you.
{% endhint %}

#### Step 1: Install the AWS CLI

Download the AWS CLI from the official source based on your operating system:

* **Windows (64-bit)**
* **macOS (PKG Installer)**
* **Linux (Installer)**
* **Amazon Linux (AMI)**

👉 [AWS CLI download link](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html)

After downloading, run the installer and follow the on-screen prompts.

To confirm successful installation, run the following command in your terminal or command prompt:

```
aws --version
```

#### **Step 2: Configure the AWS CLI**

Use the provided credentials to set up your environment:

```
aws configure
```

You will then be asked to input some additional details. The table below explains what information needs to be provided and where this can be located from:

<table><thead><tr><th width="245">Name</th><th>Value</th></tr></thead><tbody><tr><td>AWS_ACCESS_KEY_ID</td><td>Obtained from the Netacea <a href="https://portal.netacea.com/">admin portal</a></td></tr><tr><td>AWS_SECRET_ACCESS_KEY</td><td>Obtained from the Netacea <a href="https://portal.netacea.com/">admin portal</a></td></tr><tr><td>AWS_DEFAULT_REGION</td><td>eu-west-1</td></tr></tbody></table>

#### **Step 3: Test Access with a Sample File**

Ensure that you have created a small test file (this can be empty) to verify access:

```
aws s3 cp localtestfile.txt s3://name-of-bucket 
```

* Replace `/full/path/to/testfile.txt` with the actual path to your test file
* Replace `<bucket-name>` with the S3 bucket name provided by Netacea

Once uploaded, contact the **Netacea Solutions Engineering team** to confirm that the file was received successfully.

#### **Step 4: Upload the Log Data**

After confirmation from Netacea, you may proceed with uploading your full log file using the same command:

```
aws s3 cp localtestfile.txt s3://name-of-bucket 
```

Make sure to:

* Replace `/full/path/to/logfile.log` with the actual path to your log file
* Use the same bucket name as provided
* Ensure the upload completes without errors.

### Netacea Minimum Dataset

To perform a successful Proof of Value (PoV), the log file(s) you upload must include the following fields:

<table><thead><tr><th width="215">Required Fields</th><th>Description</th></tr></thead><tbody><tr><td>Timestamp</td><td>The time at which the request was received</td></tr><tr><td>IP Address</td><td>The IP address from which the request was made</td></tr><tr><td>User Agent</td><td>The user agent string sent in the header by the client</td></tr><tr><td>Method</td><td>The HTTP method of the request</td></tr><tr><td>Path</td><td>The path of the requested resource</td></tr><tr><td>Query</td><td>The query string of the request</td></tr><tr><td>Status</td><td>The HTTP status code returned by the server</td></tr><tr><td>Referrer</td><td>The web page the user followed a link from</td></tr><tr><td>Bytes Sent</td><td>The Bytes sent as part of the servers response</td></tr><tr><td>Client JA3</td><td>Clients JA3 fingerprint (if available)</td></tr><tr><td>X-Forwarded-For*</td><td>Connecting IP address [array] of a client request, if proxied</td></tr><tr><td>True Client IP*</td><td>The trusted source of the original client IP</td></tr><tr><td>Host</td><td>The destination host of the request</td></tr><tr><td>Protocol</td><td>The protocol of the request</td></tr><tr><td>Request Time</td><td>The complete amount of time it took to process the request</td></tr></tbody></table>

\* Useful for when proxies are in the line of traffic from client > origin.

### Final Steps

Once log delivery is active, **notify your Netacea Solutions Engineer**. This allows us to:

* Confirm receipt of data
* Validate the dataset format and completeness
* Begin analysis once a sufficient volume of data has been collected

If you require support during setup, the Netacea SE team is here to help — don’t hesitate to reach out.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.netacea.com/universal-log-transfer.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.