REST API reference
Update the remote syslog or splunk server information
Suggest changes
-
PDF of this doc site
Collection of separate PDF docs
Creating your file...
PATCH /security/audit/destinations/{address}/{port}
Introduced In: 9.6
Updates remote syslog/splunk server information.
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
address |
string |
path |
True |
IP address of remote syslog/splunk server. |
port |
integer |
path |
True |
Port number of remote syslog/splunk server. |
Request Body
| Name | Type | Description |
|---|---|---|
address |
string |
Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname. |
facility |
string |
This is the standard Syslog Facility value that is used when sending audit records to a remote server. |
port |
integer |
Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514. |
protocol |
string |
Log forwarding protocol |
verify_server |
boolean |
This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate. |
Example request
{
"facility": "kern",
"protocol": "udp_unencrypted"
}Response
Status: 200, Ok| Name | Type | Description |
|---|---|---|
address |
string |
Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname. |
facility |
string |
This is the standard Syslog Facility value that is used when sending audit records to a remote server. |
port |
integer |
Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514. |
protocol |
string |
Log forwarding protocol |
verify_server |
boolean |
This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate. |
Example response
{
"facility": "kern",
"protocol": "udp_unencrypted"
}Error
Status: Default, Default| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": {
"code": "string",
"message": "string"
},
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
security_audit_log_forward
| Name | Type | Description |
|---|---|---|
address |
string |
Destination syslog|splunk host to forward audit records to. This can be an IP address (IPv4|IPv6) or a hostname. |
facility |
string |
This is the standard Syslog Facility value that is used when sending audit records to a remote server. |
port |
integer |
Destination Port. The default port depends on the protocol chosen: For un-encrypted destinations the default port is 514. For encrypted destinations the default port is 6514. |
protocol |
string |
Log forwarding protocol |
verify_server |
boolean |
This is only applicable when the protocol is tcp_encrypted. This controls whether the remote server's certificate is validated. Setting "verify_server" to "true" will enforce validation of remote server's certificate. Setting "verify_server" to "false" will not enforce validation of remote server's certificate. |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |