(v2.3) Settings - Configuration - Logging
On the Logging screen it is possible to configure a remote syslog server, to which all Audit Log entries will be sent. The following can be set:
Log access attempts to non-existent packages
If enabled, then any attempt to access a non-existent package (URL with non-existent package UUID) results in creation of an audit log with this information. Enabling this option can cause excessive logging in case of a DOS attack.
(default: disabled)
Log User-Agent header
If enabled, then all audit log records triggered by web requests will include content of User-Agent HTTP header.
(default: disabled)
Syslog
Syslog server address
Address of the syslog server, to which to send the audit log records. The address format is:
<protocol>://<host or IP address>:<port>
The protocol can be either “udp” or “tcp”. The whole address can look for example like “tcp://logserver.domain:10514” or “udp://logserver.domain:514”.
The format of sent messages conforms to the RFC 3164, content of the message is in JSON.
The list of all existing audit log types is available here.
(default: unset)
The language of syslog records
The language of the log records sent to the configured syslog server.
(default: en)
Retention of audit logs
Automatically delete old audit logs
If this feature is enabled, audit logs will be deleted after the specified number of days.
(default: enabled)
Delete audit logs older than
Specifies the number of days for which audit logs will be retained. After this time they will be automatically deleted.
(default: 1100)