Specifying the transfer destinations of audit log files

REST API Reference Guide for Virtual Storage Platform 5000, Virtual Storage Platform E Series, and Virtual Storage Platform G/F Series

Version
93-07-0x
90-09-0x
88-08-10
Audience
anonymous
Part Number
MK-98RD9014-17
The following request specifies settings related to the transfer of audit log files from a storage system to the syslog servers. Run this API function with https specified as the protocol to be used.

For a list of storage systems that support this API, see Overview of the initial settings of a storage system.

Note:
  • If SSL communication is to be used to transfer audit log files between syslog servers, upload the necessary certificate files to the storage system before specifying the transfer destinations of audit log files.
  • If you locked the resources of the target storage system by using the REST API, you will not be able to use the API function for specifying the transfer destinations of audit log files. In such cases, unlock the resources before running the API function.
  • When specifying the transfer destinations of audit log files for VSP 5000 series, number of the retry and the timeout value are set as 1 and 120 sec.

Execution permission

Audit Log Administrator (View & Modify)

Request line

PATCH base-URL/v1/objects/auditlog-syslog-servers/instance

Request message

Object ID

Specify instance.

If an object has only one instance, the instance is the fixed value that specifies the object ID.

Query parameters

None.

Body
{
  "transferProtocol": "TLS",
  "locationName": "886000123456",
  "retries": true,
  "retryInterval": 30,
  "isDetailed": true,
  "primarySyslogServer": {
    "isEnabled": true,
    "ipAddress": "192.0.1.100",
    "port": 12345,
    "clientCertFileName": "primaryClientCert.crt",
    "clientCertFilePassword": "123456",
    "rootCertFileName": "primaryRootCert.crt"
  },
  "secondarySyslogServer": {
    "isEnabled": true,
    "ipAddress": "192.0.1.200",
    "port": 12345,
    "clientCertFileName": "secondaryClientCert.crt",
    "clientCertFilePassword": "123456",
    "rootCertFileName": "secondaryRootCert.crt"
  }
}

Attribute

Type

Description

transferProtocol

string

(Required) Protocol used when transferring audit log files to syslog servers

Specify one of the following values:
  • TLS: TLS1.2/RFC5424
  • UDP: UDP/RFC3164

locationName

string

(Required) Name of the storage system from which audit log files are to be transferred

Specify a character string consisting of 1 to 32 characters. You can use the following characters:

  • Alphanumeric characters
  • The following symbols:

    ! " # $ % & ' ( ) * + - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~

retries

boolean

(Optional) Specify whether to try again if communication with a syslog server fails.

If the transferProtocol attribute is TLS, specify either of the following values:
  • true: Try again.
  • false: Do not try again.
If you omit this item, true is assumed.

retryInterval

int

(Optional) Retry interval (in seconds) if communication with a syslog server fails

If the retries attribute is true, specify a value in the range from 1 to 60. If you omit this item, 1 will be set.

isDetailed

boolean

(Optional) Specify whether to transfer detailed information about audit log files to the syslog servers.

Specify one of the following values:
  • true: Transfer detailed information.
  • false: Do not transfer detailed information.
If you omit this item, true is assumed.

primarySyslogServer

object

(Required) Settings of the primary-site syslog server

Specify values for the following attributes of the primary-site syslog server:
  • isEnabled (boolean)

    (Required) Specify whether audit log files are to be transferred to the syslog server.

    • true: Transfer audit log files.
    • false: Do not transfer audit log files.
  • ipAddress (string)

    (Optional) IP address or host name of the server

    You must specify this attribute if true is specified for isEnabled.

    You can specify an IPv4 address, an IPv6 address, or a host name.

    Specify a name consisting of 1 to 255 characters.

    You can use the following characters in the host name:

    • Alphanumeric characters
    • The following symbols:

      ! $ % - . @ _ ` ~

  • port (int)

    (Optional) Port number

    You must specify this attribute if true is specified for isEnabled.

  • clientCertFileName (string)

    (Optional) Name of the client certificate file

    You must specify this attribute if true is specified for isEnabled and TLS is specified for transferProtocol. If you specify this attribute, the certificate file that was uploaded to the storage system will be set to be used. (The system will not check whether the file name of the certificate matches the file name specified for this attribute.) If a null character string is specified for this attribute, the certificate file that is already set for the storage system will be used.

  • clientCertFilePassword (string)

    (Optional) Password for client certificate

    You must specify this attribute if true is specified for isEnabled and TLS is specified for transferProtocol.

  • rootCertFileName (string)

    (Optional) File name for root certificate

    You must specify this attribute if true is specified for isEnabled and TLS is specified for transferProtocol. If you specify this attribute, the certificate file that was uploaded to the storage system will be set to be used. (The system will not check whether the file name of the certificate matches the file name specified for this attribute.) If a null character string is specified for this attribute, the certificate file that is already set for the storage system will be used.

secondarySyslogServer

object

(Required) Settings of the secondary-site syslog server

Specify values for the following attributes of the secondary-site syslog server:
  • isEnabled (boolean)

    (Required) Specify whether audit log files are to be transferred to the syslog server.

    • true: Transfer audit log files.
    • false: Do not transfer audit log files.
  • ipAddress (string)

    (Optional) IP address or host name of the server

    You must specify this attribute if true is specified for isEnabled.

    You can specify an IPv4 address, an IPv6 address, or a host name.

    Specify a name consisting of 1 to 255 characters.

    You can use the following characters in the host name:

    • Alphanumeric characters
    • The following symbols:

      ! $ % - . @ _ ` ~

  • port (int)

    (Optional) Port number

    You must specify this attribute if true is specified for isEnabled.

  • clientCertFileName (string)

    (Optional) Name of the client certificate file

    You must specify this attribute if true is specified for isEnabled and TLS is specified for transferProtocol. If you specify this attribute, the certificate file that was uploaded to the storage system will be set to be used. (The system will not check whether the file name of the certificate matches the file name specified for this attribute.) If a null character string is specified for this attribute, the certificate file that is already set for the storage system will be used.

  • clientCertFilePassword (string)

    (Optional) Password for client certificate

    You must specify this attribute if true is specified for isEnabled and TLS is specified for transferProtocol.

  • rootCertFileName (string)

    (Optional) File name for root certificate

    You must specify this attribute if true is specified for isEnabled and TLS is specified for transferProtocol. If you specify this attribute, the certificate file that was uploaded to the storage system will be set to be used. (The system will not check whether the file name of the certificate matches the file name specified for this attribute.) If a null character string is specified for this attribute, the certificate file that is already set for the storage system will be used.

Response message

Body

A job object is returned. For details on attributes other than affectedResources, see the description of job objects.

Attribute

Description

affectedResources

URL of the transfer destinations set for the audit log files of the storage system

Status codes

For details on the status codes of the request for this operation, see the description of HTTP status codes.

Coding example

curl -v -H "Accept:application/json" -H "Content-Type:application/json" -H "Authorization:Session d7b673af189048468c5af9bcf3bbbb6f" -X PATCH --data-binary @./InputParameters.json https://192.0.2.100/ConfigurationManager/v1/objects/auditlog-syslog-servers/instance