Logging Categories
Apinizer’s logging mechanism is primarily divided into two main categories:Traffic Logs
Contains all API traffic information passing through Apinizer and is recorded by default in Elasticsearch.
System Logs
Records system-related operations and events. These are stored by default in the MongoDB database.
System Log Subcategories
System Logs are divided into five subcategories. Three of these can be sent to an external product via Syslog:- Logs That Can Be Sent via Syslog
- Logs Not Sent via Syslog
- Audit Log (System Operations): Logs related to changes and operations made in the Apinizer management application.
- Token Log: Contains logs related to token acquisition when Apinizer is used as a token provider.
- Application Log: Software logs of Apinizer applications/modules. By default, kept at error (Error) level, and users can change the level as needed.
Frequently Asked Questions
What are the challenges when sending logs to a SIEM product like QRadar?
What are the challenges when sending logs to a SIEM product like QRadar?
Parameters in JSON format logs need to be parsed by writing a parser and stored accordingly. Therefore, it is necessary to work together with people who manage/use the Apinizer product or are familiar with web services to determine important fields for the organization together.In some cases, the length of log records that can be received at once can also be a problem. In such cases, when opening syslog integration, it can be configured to send only up to a certain number of characters in the body field.
Do System Audit logs coming via Syslog cover User Audit logs?
Do System Audit logs coming via Syslog cover User Audit logs?
No, System Audit logs that can be sent via Syslog and the mentioned User Audit logs have different content:
- System Audit Logs: “Who did what on which page” - general logs related to changes made on the system.
- User Audit Logs: There is no separate “user audit” log under this definition externally. Generally, user-focused audits are handled under special category logs such as Login Audit and Test Console Usage Audits, and these are not currently sent to external applications.