Skip to main content
A newer release of this product is available.

Retrieve the remote syslog or splunk server information

Contributors

GET /security/audit/destinations/{address}/{port}

Introduced In: 9.6

Defines a remote syslog/splunk server for sending audit information to.

Parameters

Name Type In Required Description

address

string

path

True

IP address of remote syslog/splunk server.

port

integer

path

True

Port number of remote syslog/splunk server.

fields

array[string]

query

False

Specify the fields to return.

Response

Status: 200, Ok
Name Type Description

address

string

Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname.

facility

string

This is the standard Syslog Facility value that is used when sending audit records to a remote server.

port

integer

Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514.

protocol

string

Log forwarding protocol

verify_server

boolean

This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate.

Example response
{
  "address": "string",
  "facility": "string",
  "protocol": "string"
}

Error

Status: Default, Error
Name Type Description

error

error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.