REST API reference
Update the remote syslog or splunk server information
Suggest changes
-
PDF of this doc site
Collection of separate PDF docs
Creating your file...
PATCH /security/audit/destinations/{address}/{port}
Introduced In: 9.6
Updates remote syslog/splunk server information.
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
address |
string |
path |
True |
IP address of remote syslog/splunk server. |
port |
integer |
path |
True |
Port number of remote syslog/splunk server. |
Request Body
| Name | Type | Description |
|---|---|---|
address |
string |
Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname. |
facility |
string |
This is the standard Syslog Facility value that is used when sending audit records to a remote server. |
hostname_format_override |
string |
Syslog Hostname Format Override |
ipspace |
||
message_format |
string |
Syslog message format to be used. legacy_netapp format (variation of RFC-3164) is default message format. |
port |
integer |
Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514. |
protocol |
string |
Log forwarding protocol |
timestamp_format_override |
string |
Syslog Timestamp Format Override. |
verify_server |
boolean |
This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate. |
Example request
{
"facility": "kern",
"hostname_format_override": "no_override",
"ipspace": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "exchange",
"uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
},
"message_format": "legacy_netapp",
"protocol": "udp_unencrypted",
"timestamp_format_override": "no_override"
}Response
Status: 200, Ok| Name | Type | Description |
|---|---|---|
address |
string |
Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname. |
facility |
string |
This is the standard Syslog Facility value that is used when sending audit records to a remote server. |
hostname_format_override |
string |
Syslog Hostname Format Override |
ipspace |
||
message_format |
string |
Syslog message format to be used. legacy_netapp format (variation of RFC-3164) is default message format. |
port |
integer |
Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514. |
protocol |
string |
Log forwarding protocol |
timestamp_format_override |
string |
Syslog Timestamp Format Override. |
verify_server |
boolean |
This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate. |
Example response
{
"facility": "kern",
"hostname_format_override": "no_override",
"ipspace": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "exchange",
"uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
},
"message_format": "legacy_netapp",
"protocol": "udp_unencrypted",
"timestamp_format_override": "no_override"
}Error
Status: Default, Default| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": {
"code": "string",
"message": "string"
},
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
| Name | Type | Description |
|---|---|---|
self |
ipspace
| Name | Type | Description |
|---|---|---|
_links |
||
name |
string |
IPspace name |
uuid |
string |
IPspace UUID |
security_audit_log_forward
| Name | Type | Description |
|---|---|---|
address |
string |
Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname. |
facility |
string |
This is the standard Syslog Facility value that is used when sending audit records to a remote server. |
hostname_format_override |
string |
Syslog Hostname Format Override |
ipspace |
||
message_format |
string |
Syslog message format to be used. legacy_netapp format (variation of RFC-3164) is default message format. |
port |
integer |
Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514. |
protocol |
string |
Log forwarding protocol |
timestamp_format_override |
string |
Syslog Timestamp Format Override. |
verify_server |
boolean |
This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate. |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |