Document toolboxDocument toolbox

(v2.3) Settings - Configuration - Logging

On the Logging screen it is possible to configure a remote syslog server, to which all Audit Log entries will be sent. The following can be set:

Log access attempts to non-existent packages

If enabled, then any attempt to access a non-existent package (URL with non-existent package UUID) results in creation of an audit log with this information. Enabling this option can cause excessive logging in case of a DOS attack.

(default: disabled)

Log User-Agent header

If enabled, then all audit log records triggered by web requests will include content of User-Agent HTTP header.

(default: disabled)

Syslog

Syslog server address

Address of the syslog server, to which to send the audit log records. The address format is:

<protocol>://<host or IP address>:<port>

The protocol can be either “udp” or “tcp”. The whole address can look for example like “tcp://logserver.domain:10514” or “udp://logserver.domain:514”.

The format of sent messages conforms to the RFC 3164, content of the message is in JSON.

The list of all existing audit log types is available here.

(default: unset)

The language of syslog records

The language of the log records sent to the configured syslog server.

(default: en)

Retention of audit logs

Automatically delete old audit logs

If this feature is enabled, audit logs will be deleted after the specified number of days.

(default: enabled)

Delete audit logs older than

Specifies the number of days for which audit logs will be retained. After this time they will be automatically deleted.

(default: 1100)