[cas-user] Re: What do you use for CAS auditing?
Hello, Is it possible to have the Logstash Grok patterns on a GitHub repository? This way, we can avoid reinventing the wheel. Thank you in advance. Le mardi 26 mars 2019 à 17:20:09 UTC+1, magicserverpixiedust a écrit : > Using Elasticsearch for CAS auditing here. Filebeat agent tails the cas > audit logs and sends to logstash for parsing/field mappings then off to > Elasticsearch. Kibana web front end for pretty dashboards/reports. We > have about 15 months worth of CAS audit logs from 30k users in our > Elasticsearch cluster, cool stuff. > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1f6724d6-65cf-436a-ba99-e48a270e613dn%40apereo.org.
[cas-user] Re: What do you use for CAS auditing?
Similarly, we send CAS audit logs to Sumo Logic, but that's only saved for 60? days. We have a separate audit log (created by a separate application) in a store backed by an RDB. However, our user base is considerably smaller. The size of the audit table is becoming an issue, so we'll likely address that ~real soon~. Drew -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/1fee64f0-f3cd-4b0b-9020-9606c4b539d0%40apereo.org.
[cas-user] Re: What do you use for CAS auditing?
We already had Logrhythm running, so it made sense to send logs over to that. I'm using syslog to get them over there. I don't manage Logrhythm, but from what I understand, they just had to setup a template on their end to parse the CAS logs. On Tuesday, March 26, 2019 at 9:02:40 AM UTC-6, Robert Bond wrote: > > What is everyone using for CAS auditing? > > Mongo, Redis, Postgres, Mysql or other? > > I am working on a new deployment for CAS and trying to see what auditing > repository everyone is using. > > Previously I used Mongo but I am leaning toward a relational db for ease > of reporting. > > Look forward to your responses. > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/83757245-b693-4db4-bef7-bf0ed232e2ee%40apereo.org.
[cas-user] Re: What do you use for CAS auditing?
Using Elasticsearch for CAS auditing here. Filebeat agent tails the cas audit logs and sends to logstash for parsing/field mappings then off to Elasticsearch. Kibana web front end for pretty dashboards/reports. We have about 15 months worth of CAS audit logs from 30k users in our Elasticsearch cluster, cool stuff. -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/36d9954d-0b61-4966-ad57-bae38707986a%40apereo.org.
