10-20-2020 04:12 AM
I'm running a 5240 master/media appliance with 3.2. We use vrealize log insight. I was reading that Splunk and an HP product are the only two log destinations that the appliance will auto-send logs to; is that correct? What is the best way to get security audit logs into vrealize? And if the answer is to download them from the web interface--would you be able to point me to the directions, either in the manuals or on a page, to do this? Thanks in advance.
10-20-2020 08:58 AM
10-20-2020 12:01 PM
May I ask which manual you found that quote from? I haven't come across it yet, and I'd like to read its surrounding info. Thanks!
10-20-2020 12:27 PM - edited 10-20-2020 12:38 PM
10-20-2020 03:09 PM - edited 10-20-2020 03:38 PM
Have you also reviewed what is available via API calls? The documentation is available at
https://<master-server>/api-docs/index.html (in particular look at the security section which contains access to the audit logs - at least is 8.3 it does).
Not sure if it will help, nor whether the events available are what you are after, but may be another
Aslo contrary to what @jnardello was suggesting, you shouldn't be making changes/additions to the underlying OS on the appliance - it will take your appliance out of support - especially installing additional unsupported software. Yes it can be done, but it shoudn't.
10-21-2020 09:53 AM