SME Audit Logs

The Audit logs are available when logged in as the team Admin from the Audit Reports section of the Admin options.

These can be filters and/or exported.

If you want to enable the Audit logs to be accessible from the base OS then you can configure the logs to be output to syslog and they will be available in both places.

To enable audit logs see step4

To view and export audit logs see step5

Writing SME Audit Logs to syslog

You can enable this by logging in as appladmin, Goto Site Functionality and set “Enable write audit events to syslog” to yes

Login as org admin to your account and from the Menu on right hand side goto Options –

> Security and set "Write Audit Events to syslog file:" to yes The audit logs now will be written to ''%%/var/log/messages%%'' in the appliance

Sending SME appliance syslog entries to rsyslog service

SSH in as smeconfiguser and then su to root. Edit /etc/rsyslog.conf and at the bottom of file add line:

*.*                     @IP_OF_REMOTE_SYSLOG

Restart the syslog service:

systemctl restart rsyslog

The logs will be sent using UDP protocol and by default port 514 is used.

Install rsyslog:

If you have not already done so, you will need to install and configure rsyslog on a separate machine please see http://www.rsyslog.com/

Apache Access Logs

You can find apache access logs at at /etc/httpd/logs