Audit logs for the Config API and Monitoring API is sent via syslog to any Security Information Management (SIM) device including Logpoint. These logs are also accessible to an authorized user through Director Console. Audit logs for APIs can be displayed, searched and ordered in any field in Logpoint.
Note
Config API is an asynchronous interface, used to perform various actions on Fabric-enabled Logpoints. The API performs actions such as the creation of devices, the creation of normalization policies, configuring collectors and configuring fetchers.
Monitoring API is an interface which monitors the status of Config API requests.
By default, the logging level for Config API is Info. The logging level tracks and analyzes events. It identifies the type and severity of logged events based on the impact severity on users and how quickly an administrator should respond. When a request is sent through the Config API, the following data are logged:
Request Issued
Exception Thrown
Warning
Request Issued
For every request made from the Config API, the API logs a request message. The request log contains information such as request type, request source and request header.
An example of a request log is:
Exception Thrown
For every malformed json data or failed data validation of Config API, the API logs an exception thrown. The log contains information such as status code and error message.
An example of an exception log is:
Warning
For every action where the Config API takes a default value, the API logs a warning message without halting the request issued. The log contains the information such as status code, the source of warning and error message.
An example of a warning log is:
By default, the logging level for audit logs of Monitoring API is Info. The Monitoring API request logs the following data:
Request Issued
Success Log
Warning
Error
Request Issued
Logpoint For every request from the Monitoring API, the API logs a request message.
An example of a request log is:
Success Log
If the Monitoring API successfully returns data for a request ID, then an audit log signifying successful response is logged.
An example of a success log is:
Warning
If the Monitoring API cannot return data for an issued request, then an audit log signifying warning response is logged.
An example of a warning log is:
Error
If the Monitoring API doesn’t return data for an issued request, then an audit log signifying error response is logged.
An example of an error log is:
