I’m trying to get the Audit page in the GUI output to a file, but having a hard time finding the right configuration to get me that. I can only interpret a little bit of what the config file is doing so I may have bits in there that are completely unneccessary. Below is what I am currently working with, I’m getting output to the configured file but also getting stuff I don’t want and missing stuff I want. I’m looking to record client ip, endpoint accessed, username, and domain at the very least.
End game is to have this data ingested by Logstash (Using filebeat to grab the data from the file on the PI server).
[formatters] keys=detail [handlers] keys=file [formatter_detail] class=privacyidea.lib.log.SecureFormatter format=[%(asctime)s][%(process)d][%(thread)d][%(levelname)s][%(name)s:%(lineno)d] %(message)s [handler_file] # Rollover the logfile at midnight class=logging.handlers.RotatingFileHandler backupCount=7 maxBytes=50000000 formatter=detail level=INFO args=('/var/log/privacyidea/audit.log',) [loggers] keys=root,privacyidea [logger_privacyidea] handlers=file qualname=privacyidea level=INFO [logger_root] level=INFO handlers=file