Audit logging implies storing all audit logs to a remote syslog server. Currently, each controller VM stores audit logs, but
these logs are not stored indefinitely. The logs are overwritten based on the retention policy set for the controller VM.
By configuring a remote syslog server to store audit logs, you can ensure that the logs are retained for a longer period of
time.
Following are the audit logs that you can export to the remote syslog server:
After you enable audit logging, these logs are exported to the remote syslog server. If the logs from the controller VM are
not pushed to the remote sylog server, or if the remote syslog server is not reachable, an alarm is generated in the HX-Connect
user interface. However, HX Connect does not monitor the disk space available on the remote syslog server. The HX Connect
user interface will not display an alarm if the disk on the remote syslog server is full.
Attention |
|
After you enable audit logging, you can choose to either temporarily disable audit logging, or
you can choose to delete the audit logging server configuration details.