Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
lullejd
Contributor

Audit Logs in Gaia?

Hi guys Smiley Happy Is there a way how we can check changes done through gaia from Management Audit Logs? Thanks in advance

Senior Information Security Engineer
0 Kudos
4 Replies
Vladimir
Champion
Champion

0 Kudos
JozkoMrkvicka
Mentor
Mentor

Or CLI alternative in case webUI is disabled, or not allowed:

hostname> set syslog mgmtauditlogs on

hostname> set syslog auditlog permanent

More info in this article:

How to export syslog messages from Gaia Security Gateway to a Log Server and view them in SmartView ... 

Kind regards,
Jozko Mrkvicka
Danny
Champion Champion
Champion

Within Gaia's expert mode you can easily look for changes within audit log with this one-liner:

tail -n 200 $FWDIR/log/fw.adtlog | grep -a changed

This shows the last 200 lines of your audit log. Change the number to how many lines you want to see.

lullejd
Contributor

*** UPDATE ****

Thanks all for your suggestions.

We have enabled logging for all Bash shell commands in Gaia following the procedure in SK99134 and forwarded syslog to an external syslog server.

Thanks all for your help Smiley Happy

Senior Information Security Engineer

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events