# Syslog

Geração de relatórios baseados nos logs e capacidade tambem em exportá-los para arquivos em\
formato ".csv";

Necessário abertura de ticket, a intervenção é feita em linha de código dentro da appliance.

/opt/fsafer/config/config.txt

Syslog Configuration

SYSLOG\_ENABLE=true SYSLOG\_ADDR=10.1.12.116:514 # Syslog server IP and port SYSLOG\_FACILITY=local2 # Corresponds to the Syslog configuration file

Após alterar será necessário reiniciar os serviços do F-Safer

Analyzing Syslog Information

<table data-header-hidden><thead><tr><th width="144.9140625">Event Type</th><th>Syslog Record Example (resumo)</th></tr></thead><tbody><tr><td><strong>Login</strong></td><td><code>Apr 19 15:25:11 10.1.14.125 fsafer: login_log - { "backend": "Password", ..., "ip": "10.1.10.35", ..., "status": {"label": "successful", "value": true}, ..., **"username": "admin"** }</code></td></tr><tr><td><strong>File Upload</strong></td><td><code>Apr 19 15:27:26 10.1.14.125 fsafer: ftp_log - { "account": "root(root)", "filename": **"/tmp/vmware-root/file.pdf"**, ..., "value": **"upload"**, "remote_addr": "10.1.10.35", "user": "Administrator(admin)" }</code></td></tr><tr><td><strong>File Download</strong></td><td><code>Apr 19 15:28:08 10.1.14.125 fsafer: ftp_log - { "account": "root(root)", "filename": **"/tmp/vmware-root/file.pdf"**, ..., "value": **"download"**, "remote_addr": "10.1.10.35", "user": "Administrator(admin)" }</code></td></tr></tbody></table>