Hello people.
I’m having trouble getting my logs to work correctly for the SIEM.
I configured rsyslog and logstash and both suddenly stop working.
Has anyone ever experienced this?
Hello Raphael,
welcome to privacyIDEA.
You description is a bit sparse.
privacyIDEA writes two logs.
a) the log file which is handled via python logging mechanism and can contain a lot of (debug) information and
b) the audit log, which only contains one (signed) entry per REST API request.
There are means to write both to external logging facilities.