Event-Audit Logging - Syslog

Quick question: is there a way to send the logs via syslog? I can see the Logs option in the GUI.

Or are these events stored in a file on the OS, such as /var/log/message, so we could configure rsyslog to grab the file and send it on?

Thanks

All logs go to the Elasticsearch instance.

docker ps | grep elastic

You will see an IP that listens, 169.254..

cat /etc/ferrumgate/env|grep ES_USER
cat /etc/ferrumgate/env|grep ES_PASS

username and password

1 Like
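One way to get the events described in the answer above into syslog is to poll the Elasticsearch instance and re-emit each document as an RFC 5424 message. This is an added example, not FerrumGate code and not part of the thread; the ES URL, index pattern, time field, KEY=VALUE env-file format, and the syslog host/app names are assumptions or placeholders to replace with your own values.

```python
import base64, json, socket, urllib.request

# Assumptions (not from the thread): URL scheme/port, index pattern, time field name.
ES_URL = "http://ES_IP_PLACEHOLDER:9200"   # the 169.254.. address shown by `docker ps`
INDEX = "INDEX_PATTERN_PLACEHOLDER"
TIME_FIELD = "@timestamp"

def parse_env(text):
    """Parse KEY=VALUE lines (optional `export`, quotes, # comments) into a dict."""
    env = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        env[key.replace("export ", "", 1).strip()] = value.strip().strip("'\"")
    return env

def fetch_events(env, since, size=500):
    """Return documents newer than `since` (ISO 8601 or ES date math), oldest first."""
    body = {"size": size, "sort": [{TIME_FIELD: "asc"}],
            "query": {"range": {TIME_FIELD: {"gt": since}}}}
    token = base64.b64encode(f"{env['ES_USER']}:{env['ES_PASS']}".encode()).decode()
    req = urllib.request.Request(
        f"{ES_URL}/{INDEX}/_search", data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json", "Authorization": f"Basic {token}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return [hit["_source"] for hit in json.load(resp)["hits"]["hits"]]

def to_syslog(event, host="ferrumgate", app="ferrumgate-audit"):
    """RFC 5424 line, facility 13 (log audit), severity 6 (info).
    JSON encoding escapes newlines, so one event cannot forge a second record."""
    pri = 13 * 8 + 6
    msg = json.dumps(event, separators=(",", ":"), sort_keys=True)
    return f"<{pri}>1 {event.get(TIME_FIELD, '-')} {host} {app} - - - {msg}"

def forward(events, dest=("127.0.0.1", 514)):
    """Send one UDP datagram per event; return the newest timestamp as the next cursor."""
    last = None
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        for ev in events:
            sock.sendto(to_syslog(ev).encode(), dest)
            last = ev.get(TIME_FIELD, last)
    return last

if __name__ == "__main__":
    with open("/etc/ferrumgate/env") as fh:
        print(forward(fetch_events(parse_env(fh.read()), since="now-5m")))
```

Run it from cron or a timer and pass the returned timestamp as `since` on the next run so events are not resent.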

Perfect, thank you.

Following on from my other post, again I think you need to add this to the roadmap to enhance the logging ability: an option to add a syslog configuration. A simple destination IP and port/protocol would be good in the short term. Going forwards, you would need to add a whole logging module.

I have 20 years of cyber security experience specialising in this area; if you need any pointers, give me a shout.

Many thanks

We have put it on the roadmap, probably for the next release. When we start, we will share the new log architecture. Thanks