User logging and monitoring

This support forum board is for support questions relating to Nagios XI, our flagship commercial network monitoring solution.
Locked
jsalsbury
Posts: 87
Joined: Tue Oct 23, 2018 12:57 pm

User logging and monitoring

Post by jsalsbury »

Good afternoon,
A new year leads to new requests and I was recently asked about how we monitor users logging into Nagios and if we can forward those logs to Splunk for monitoring. Has anyone else done this? Have you found it helpful? As the years progress we are looking into more and more of the security aspect of applications.


Thanks
J
Top
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: User logging and monitoring

Post by cdienger »

This information would be stored in the audit log. On newer versions of XI this can be set up to send to a remote machine under Admin > System Information > Audit Log > Send to Nagios Log Server. Entering values in here will configure a rsyslog configuration file on the backend - /etc/rsyslog.d/nagiosxi-xi_auditlog.conf.

Note that you can point this to any syslog server and that it doesn't have to be an instance of Nagios Log Server.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Top
Locked

Return to “Nagios XI”