[SERVER-12670] Provide option to stream audit log to a database or external system Created: 10/Feb/14 Updated: 06/Dec/22 |
|
| Status: | Backlog |
| Project: | Core Server |
| Component/s: | Logging, Security |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | New Feature | Priority: | Major - P3 |
| Reporter: | Rob Young (Inactive) | Assignee: | Backlog - Security Team |
| Resolution: | Unresolved | Votes: | 9 |
| Labels: | Auditing | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||||||
| Assigned Teams: |
Server Security
|
||||||||||||
| Participants: | |||||||||||||
| Case: | (copied to CRM) | ||||||||||||
| Description |
|
This enhancement removes the coupling between the audit log and the file system, allowing users to define and log it as a stream to a secured collection within a secured database, or to a remote service like Oracle Audit Vault, WORM storage, Splunk, etc. |
| Comments |
| Comment by Matt Kalan [ 23/Feb/18 ] |
|
I believe Splunk can take syslog as an input so they might be able to do this today. It is worth checking whether this is common for most WORM endpoints. One would think it would be |