Logging of the log management system is often required for compliance purposes. Audit logs keep track of all the changes made to the Graylog deployment by end users. Graylog will record all state changes into the database, allowing for search, filter and exporting of all audit log entries.
In Graylog Enterprise version 3+, we can now enable the Audit log functionality to log to either a database or create the logs in a log file for collection. By default logging to the database is always enabled, and cannot be disabled.
During the configuration of the audit log, you can select the number of days you would like to retain the history for. This is fully adjustable based on your audit requirements, and is a per Graylog node setting allowing for customized retention periods.
Graylog activates the MongoDB audit log feature when the Enterprise functionality is enabled, and starts recording to the local database immediately. Every new action taken by administrators are recorded and put into a window for searching and exporting incase needed.
You can also add additional logging to a log file, with the Log4j2 audit log appender, which will output actions to a file on the system for collection or storage.
Windows
Linux
Unix
JSON, CSV, TXT
Storage Mgmt
Custom Apps
Change Mgmt
Switches
Firewalls
DNS
Routers
DBMS
Commercial Apps
Products
Follow Us:
GRAYLOG HEADQUARTERS
1301 Fannin St, Ste. 2000
Houston, TX 77002
GRAYLOG COLORADO
1919 14th Street, Suite 700, Office 18
Boulder, CO 80302
GRAYLOG UNITED KINGDOM
34-37 Liverpool Street, 7th Floor
London, EC2M 1PP
United Kingdom
GRAYLOG GERMANY GMBH
Poolstraße 21
20355 Hamburg, Germany
© 2024 Graylog, Inc. All rights reserved
