Define a remote syslog or splunk server to receive audit information

Parameters

Name	Type	In	Required	Description
address	string	query	False	Filter by address
timestamp_format_override	string	query	False	Filter by timestamp_format_override Introduced in: 9.13
verify_server	boolean	query	False	Filter by verify_server
hostname_format_override	string	query	False	Filter by hostname_format_override Introduced in: 9.13
facility	string	query	False	Filter by facility
port	integer	query	False	Filter by port
protocol	string	query	False	Filter by protocol
ipspace.name	string	query	False	Filter by ipspace.name Introduced in: 9.12
ipspace.uuid	string	query	False	Filter by ipspace.uuid Introduced in: 9.12
message_format	string	query	False	Filter by message_format Introduced in: 9.13
order_by	array[string]	query	False	Order results by specified fields and optional [asc
desc] direction. Default direction is 'asc' for ascending.	fields	array[string]	query	False
Specify the fields to return.	max_records	integer	query	False
Limit the number of records returned.	return_timeout	integer	query	False
The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached. Default value: 15 Max value: 120 Min value: 0	return_records	boolean	query	False

Name

Type

In

Required

Description

address

string

query

False

Filter by address

timestamp_format_override

string

query

False

Filter by timestamp_format_override

Introduced in: 9.13

verify_server

boolean

query

False

Filter by verify_server

hostname_format_override

string

query

False

Filter by hostname_format_override

Introduced in: 9.13

facility

string

query

False

Filter by facility

port

integer

query

False

Filter by port

protocol

string

query

False

Filter by protocol

ipspace.name

string

query

False

Filter by ipspace.name

Introduced in: 9.12

ipspace.uuid

string

query

False

Filter by ipspace.uuid

Introduced in: 9.12

message_format

string

query

False

Filter by message_format

Introduced in: 9.13

order_by

array[string]

query

False

Order results by specified fields and optional [asc

desc] direction. Default direction is 'asc' for ascending.

fields

array[string]

query

False

Specify the fields to return.

max_records

integer

query

False

Limit the number of records returned.

return_timeout

integer

query

False

The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached.

Default value: 15
Max value: 120
Min value: 0

return_records

boolean

query

False

Response

Status: 200, Ok

Name	Type	Description
_links	_links
num_records	integer	Number of records
records	array[security_audit_log_forward]

Name

Type

Description

_links

num_records

integer

Number of records

records

array[security_audit_log_forward]

Example response

{
  "_links": {
    "next": {
      "href": "/api/resourcelink"
    },
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "num_records": 1,
  "records": [
    {
      "address": "string",
      "facility": "string",
      "hostname_format_override": "string",
      "ipspace": {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "name": "exchange",
        "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
      },
      "message_format": "string",
      "protocol": "string",
      "timestamp_format_override": "string"
    }
  ]
}

Error

Status: Default, Error

Name	Type	Description
error	error

Name

Type

Description

error

Example error

{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name	Type	Description
href	string

Name

Type

Description

href

string

_links

Name	Type	Description
next	href
self	href

Name

Type

Description

self

href

_links

Name	Type	Description
self	href

Name

Type

Description

self

href

ipspace

Name	Type	Description
_links	_links
name	string	IPspace name
uuid	string	IPspace UUID

Name

Type

Description

_links

name

string

IPspace name

uuid

string

IPspace UUID

security_audit_log_forward

Name	Type	Description
address	string	Destination syslog\|splunk host to forward audit records to. This can be an IP address (IPv4\|IPv6) or a hostname.
facility	string	This is the standard Syslog Facility value that is used when sending audit records to a remote server.
hostname_format_override	string	Syslog Hostname Format Override
ipspace	ipspace
message_format	string	Syslog message format to be used. legacy_netapp format (variation of RFC-3164) is default message format.
port	integer	Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514.
protocol	string	Log forwarding protocol
timestamp_format_override	string	Syslog Timestamp Format Override.
verify_server	boolean	This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate.

Name

Type

Description

address

string

Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname.

facility

string

This is the standard Syslog Facility value that is used when sending audit records to a remote server.

hostname_format_override

string

Syslog Hostname Format Override

ipspace

message_format

string

Syslog message format to be used. legacy_netapp format (variation of RFC-3164) is default message format.

port

integer

Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514.

protocol

string

Log forwarding protocol

timestamp_format_override

string

Syslog Timestamp Format Override.

verify_server

boolean

This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate.

error_arguments

Name	Type	Description
code	string	Argument code
message	string	Message argument

Name

Type

Description

code

string

Argument code

message

string

Message argument

error

Name	Type	Description
arguments	array[error_arguments]	Message arguments
code	string	Error code
message	string	Error message
target	string	The target parameter that caused the error.

Name

Type

Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.

Define a remote syslog or splunk server to receive audit information

Creating your file...

Parameters

Response

Error

Definitions