Skip to main content
A newer release of this product is available.

Update the remote syslog or splunk server information

Contributors

PATCH /security/audit/destinations/{address}/{port}

Introduced In: 9.6

Updates remote syslog/splunk server information.

Parameters

Name Type In Required Description

address

string

path

True

IP address of remote syslog/splunk server.

port

integer

path

True

Port number of remote syslog/splunk server.

Request Body

Name Type Description

address

string

Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname.

facility

string

This is the standard Syslog Facility value that is used when sending audit records to a remote server.

hostname_format_override

string

Syslog Hostname Format Override

ipspace

ipspace

message_format

string

Syslog message format to be used. legacy_netapp format (variation of RFC-3164) is default message format.

port

integer

Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514.

protocol

string

Log forwarding protocol

timestamp_format_override

string

Syslog Timestamp Format Override.

verify_server

boolean

This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate.

Example request
{
  "address": "string",
  "facility": "string",
  "hostname_format_override": "string",
  "ipspace": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "exchange",
    "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
  },
  "message_format": "string",
  "protocol": "string",
  "timestamp_format_override": "string"
}

Response

Status: 200, Ok
Name Type Description

address

string

Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname.

facility

string

This is the standard Syslog Facility value that is used when sending audit records to a remote server.

hostname_format_override

string

Syslog Hostname Format Override

ipspace

ipspace

message_format

string

Syslog message format to be used. legacy_netapp format (variation of RFC-3164) is default message format.

port

integer

Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514.

protocol

string

Log forwarding protocol

timestamp_format_override

string

Syslog Timestamp Format Override.

verify_server

boolean

This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate.

Example response
{
  "address": "string",
  "facility": "string",
  "hostname_format_override": "string",
  "ipspace": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "exchange",
    "uuid": "1cd8a442-86d1-11e0-ae1c-123478563412"
  },
  "message_format": "string",
  "protocol": "string",
  "timestamp_format_override": "string"
}

Error

Status: Default, Default
Name Type Description

error

error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

self

href

ipspace

Name Type Description

_links

_links

name

string

IPspace name

uuid

string

IPspace UUID

security_audit_log_forward

Name Type Description

address

string

Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname.

facility

string

This is the standard Syslog Facility value that is used when sending audit records to a remote server.

hostname_format_override

string

Syslog Hostname Format Override

ipspace

ipspace

message_format

string

Syslog message format to be used. legacy_netapp format (variation of RFC-3164) is default message format.

port

integer

Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514.

protocol

string

Log forwarding protocol

timestamp_format_override

string

Syslog Timestamp Format Override.

verify_server

boolean

This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate.

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.