Skip to content

MeshCentral Web Events Logs to Wazuh #6410

Closed Answered by si458
E2674 asked this question in Q&A
Sep 28, 2024 · 1 comments · 5 replies
Discussion options

You must be logged in to vote

the is no value called logFile inside the schema file, you should use authLog instead
this will create a fail2ban like file which you can phase and send to your logging system

meshcentral also supports syslog, syslogauth and syslogjson which output information into your syslog file

and you can also specify syslogtcp which sends syslog info over your network via TCP

we sadly dont have any descriptions as to what each values does in the schema file!
if you try each of them and let us know what they do, i can add it into the descriptions for others!

EDIT: below is from the schema file but checking the code, it shows that each value can also be true/false as well as a string

"syslog": {
  "ty…

Replies: 1 comment 5 replies

Comment options

You must be logged in to vote
5 replies
@E2674
Comment options

@si458
Comment options

@si458
Comment options

@E2674
Comment options

@si458
Comment options

Answer selected by E2674
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
2 participants