You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Assignee: tgelf
Status: Resolved (closed on 2016-11-02 17:45:04 +00:00)
Target Version: 1.2.0
Last Update: 2016-11-02 17:45:04 +00:00 (in Redmine)
Hi,
A customer of mine needs, in addition to the audit log in the database, an external audit log via syslog or as a plaintext file. While the database is great for searching, an external log in a seperate file or in syslog could be handled more safely when it comes to prohibit manipulation. This log should contain more or less the same information as the audit log in the database. e.g. who changed when which object - if possible with a hint, what was changed.
Maybe the easiest way to implement this would be to talk to the local syslog system to have the log formatted in a standardised way. While using a more sophisiticated log format like GELF (seems to be very appropriate ;-) ) would have benefits when parsing the log, using syslog would make it easier to connect to WORM, audit or SIEM systems.
Both, syslog and a more sophisticated log format, would be nice but since development resources are not infinite, please be sure to make syslog the higher priority.
This issue has been migrated from Redmine: https://dev.icinga.com/issues/12976
Created by twidhalm on 2016-10-25 07:48:24 +00:00
Assignee: tgelf
Status: Resolved (closed on 2016-11-02 17:45:04 +00:00)
Target Version: 1.2.0
Last Update: 2016-11-02 17:45:04 +00:00 (in Redmine)
Hi,
A customer of mine needs, in addition to the audit log in the database, an external audit log via syslog or as a plaintext file. While the database is great for searching, an external log in a seperate file or in syslog could be handled more safely when it comes to prohibit manipulation. This log should contain more or less the same information as the audit log in the database. e.g. who changed when which object - if possible with a hint, what was changed.
Cheers,
Thomas
Changesets
2016-11-02 17:40:43 +00:00 by tgelf 468a271
The text was updated successfully, but these errors were encountered: