Event-Audit Logging - Syslog

Quick question, is there a way to send the logs via syslog, I can see the Logs option in the GUI.

Or are these events stored in a file on the OS such as /var/log/message so we could configure rsyslog to grab the file and send it on.


All logs goes to Elastic Search instance.

docker ps | grep elastic

you will see an ip that listens, 169.254..

cat /etc/ferrumgate/env|grep ES_USER
cat /etc/ferrumgate/env|grep ES_PASS

username and password

1 Like

Perfect, thank you.

Following on from my other post, again I think you need to add this to the road map to enhance the logging ability, an option to add a syslog configuration. A simple destination ip and port/protocol would be good in the short term. Going forwards you would need to add a whole logging module.

I have 20 years of cyber security experience specialising in this area, if you need any pointers give me a shout.

Many thanks

We putted to roadmap, next release probably. When we started we will share new log architecture. Thanks