Skip to content

Remote Audit Logs

The CEP allows sending audit log to a remote logging server. After setting the logging server host, the CEP will send log to this logging server for the following events.

  • Enrolling new authentication methods
  • Modification Deletion and existing authentication methods
  • Successful logins and logouts.

Configuration

Minimal Configuration

To start logging you have to configure the host of logging server and if the UDP port differs from 514, then you have to configure your port. There are more parameters you can change. Please visit the list of available parameters for more detail.

Example
    environment:
      - CEP_REMOTE_AUDITLOG_HOST=192.168.100.100
      - CEP_REMOTE_AUDITLOG_PORT=516
Example Of Audit Logs
[2022-05-26 12:06:07] audit.INFO: User LDAP\testuser completed method PASSWORD:1 for login
[2022-05-26 12:06:11] audit.INFO: User LDAP\testuser completed method BLUETOOTH:1 for login
[2022-05-26 12:06:11] audit.INFO: User LDAP\testuser logged in by completing the chain PIN + Bluetooth
[2022-05-26 12:20:50] audit.INFO: User LDAP\testuser completed method PASSWORD:1 for login
[2022-05-26 12:20:53] audit.INFO: User LDAP\testuser completed method BLUETOOTH:1 for login
[2022-05-26 12:20:53] audit.INFO: User LDAP\testuser logged in by completing the chain PIN + Bluetooth