Skip to content

PLUTEX/dirsrv-audit-graylog-bridge

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
[email protected]
[email protected]
 
 
[email protected]
[email protected]
 
 
main.py
main.py
 
 
parser.py
parser.py
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

389-ds Audit Log Bridge to Graylog

This script reads the audit log generated by 389-ds, converts it to GELF and sends it to a Graylog server.

Installation

  1. Clone this repository into /opt/dirsrv-audit-graylog-bridge:

    git clone https://github.com/PLUTEX/dirsrv-audit-graylog-bridge

  2. Configure your Graylog server in the file /etc/default/dirsrv-audit-graylog-bridge:

    GRAYLOG_HOST="graylog.example.org"
GRAYLOG_PORT=12201

  3. Symlink the systemd unit files:

    ln -s /opt/dirsrv-audit-graylog-bridge/dirsrv-audit-graylog-bridge@.{socket,service} /etc/systemd/system/

  4. Enable the systemd unit files (with the same instance name as your [email protected] unit, we assume "ldap"):

    systemctl enable dirsrv-audit-graylog-bridge@ldap.{service.socket}

  5. Optionally, add a BindsTo= dependency to the [email protected] unit itself:

    systemctl edit [email protected]
[Unit]
BindsTo=dirsrv-audit-graylog-bridge@%i.socket

About

389-ds Audit Log Bridge to Graylog

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages