Converse agora com nosso suporte
Chat com o suporte

syslog-ng Store Box 7.0.4 LTS - User Guide

Using session-only decryption keys

You can upload decryption keys to browse encrypted logspaces for the duration of the session only. These keys are automatically deleted when you log out from syslog-ng Store Box(SSB).

To use session-only decryption keys

  1. Select User menu > Private keystore. A pop-up window is displayed.

  2. Select Temporary > , then select Certificate > . A pop-up window is displayed.

    Figure 12: User menu > Private keystore — Adding decryption keys to the private keystore

  3. Paste or upload the certificate used to encrypt the logstore.

  4. Select Key > . A pop-up window is displayed.

  5. Paste or upload the private key of the certificate used to encrypt the logstore.

  6. Repeat Steps 2-5 to upload additional keys if needed.

  7. Click Apply.

Creating reports from log data

SSB can periodically create reports from the statistics of processed logs. To configure reporting, first you have to create statistics from log data, and save it as a reporting subchapter. You can then configure a report using the saved subchapter. You can include multiple subchapters in a report. The necessary procedures are described in the following chapters:

Creating custom statistics from log data

The syslog-ng Store Box(SSB) appliance can create statistics from the Facility, Priority, Program, Pid, Host, Tags, and .classifier.class columns. Use Customize columns to add the required column, if necessary.

NOTE: The .classifier.class data is the class assigned to the message when pattern database is used. For details, see Classifying messages with pattern databases in the Administration Guide. The pattern databases provided by One Identity currently use the following message classes by default: system, security, violation, or unknown.

You can display statistics on the web interface, export the related data as CSV, and also save the statistics to include in a report.

Displaying log statistics

To display statistics about the log messages, click the icon in the appropriate header of the table.

You can choose from Bar chart or Pie chart & List.

Figure 13: Search > Logspaces — Displaying log statistics as Bar chart

In Pie chart & List view, percentages add up to 100%. The only exception to this is when statistics are based on Tags. Since statistics are provided for tags rather than messages, when messages have multiple tags, the percentages may add up to more than 100%.

Figure 14: Search > Logspaces — Displaying log statistics as Pie chart & List

Statistics will show the item with the largest number of entries first. To display the item with the least number of entries first, select Least.

NOTE: When navigating to the "future" in the search bar, it is possible that the number of logs displayed in the Search results differs from the number of logs displayed in the Count part of the Host pie chart.

To avoid this, do not navigate to the "future".

If this has already happened, save the search expression that you have used somewhere, and then refresh the page by clicking Log > Search again. Note that it will display the original state of the Search page, meaning that for example it will remove all search expressions that you have entered before.

You can export these statistics in CSV format using the Export all to CSV option, or you can include them in reports as a subchapter.

Documentos relacionados

The document was helpful.

Selecione a classificação

I easily found the information I needed.

Selecione a classificação