Retrieve remote syslog or splunk server information

08/30/2024 Contributors

PDFs

GET /security/audit/destinations/{address}/{port}

Introduced In: 9.6

Defines a remote syslog/splunk server for sending audit information to.

Parameters

Name	Type	In	Required	Description
address	string	path	True	IP address of remote syslog/splunk server.
port	integer	path	True	Port number of remote syslog/splunk server.
fields	array[string]	query	False	Specify the fields to return.

Name

Type

Required

Description

address

string

path

True

IP address of remote syslog/splunk server.

port

integer

path

True

Port number of remote syslog/splunk server.

fields

array[string]

query

False

Specify the fields to return.

Response

Status: 200, Ok

Name	Type	Description
address	string	Destination syslog\|splunk host to forward audit records to. This can be an IP address (IPv4\|IPv6) or a hostname.
facility	string	This is the standard Syslog Facility value that is used when sending audit records to a remote server.
port	integer	Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514.
protocol	string	Log forwarding protocol
verify_server	boolean	This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate.

Name

Type

Description

address

string

Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname.

facility

string

This is the standard Syslog Facility value that is used when sending audit records to a remote server.

port

integer

Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514.

protocol

string

Log forwarding protocol

verify_server

boolean

This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate.

Example response

{
  "address": "string",
  "facility": "string",
  "protocol": "string"
}

Error

Status: Default, Error

Name	Type	Description
error	error

Name

Type

Description

error

Example error

{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

error_arguments

Name	Type	Description
code	string	Argument code
message	string	Message argument

Name

Type

Description

code

string

Argument code

message

string

Message argument

error

Name	Type	Description
arguments	array[error_arguments]	Message arguments
code	string	Error code
message	string	Error message
target	string	The target parameter that caused the error.

Name

Type

Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.

Retrieve remote syslog or splunk server information

Creating your file...

Parameters

Response

Error

Definitions