Is there a way to enable Audit logs in pub sub+ event broker and fetch those logs?

prashantk2000

I want to enable audit logging in pubsub event broker which I am running it as docker container. Is there a way to do that? I see Audit logs are there in pubsub cloud but is it available in pub sub event broker?

uherbst

1. You could do a "show log command …" in the cli - and you could try this with SEMP… This is not a typical "API"… but hey, it would work. If you want to try this route, ask again.
   
2. You can configure syslog forwarding. If you have a syslog server running outside the solace pod, you can forward these logs to it.
   Most probably, this is the typical solution for your concern.

Uli

uherbst

To answer your question, we need to agree of the meaning of "Audit log".

Just assuming, you want to see each action on the broker config (for example: Someone creates a queue or reset a password or similar) ?
This is available in the docker container in /usr/sw/jail/logs/command.log

Or are you looking for something else ?

Uli

prashantk2000

Thank you @uherbst , I am looking for same logs.
I am able to copy files from above location.

Do solace provide any apis to download these logs?

uherbst

1. You could do a "show log command …" in the cli - and you could try this with SEMP… This is not a typical "API"… but hey, it would work. If you want to try this route, ask again.
   
2. You can configure syslog forwarding. If you have a syslog server running outside the solace pod, you can forward these logs to it.
   Most probably, this is the typical solution for your concern.

Uli

prashantk2000

Thank you @uherbst, I was looking for same solution.
The first point you mentioned: I am able to get the logs using cli. However, how can we do it using SEMP api? can you please share few details about it?