Bamboo uses an audit message format that is non standard and flat. The audit logs themselves are accessible for inspection through the Bamboo UI or directly from the database.
A syslog integration would consist of:
- Using syslog message format for the audit log entries as described in RFC5424.
- The ability to store the audit log messages to: the database, a file in the filesystem, or an external entity such as a syslog server.
The syslog integration for the audit logs would provide the following benefits:
- A standardized format for the audit log entries which can be processed by external log analysis tools.
- The possibility to send the audit log message when the event happens to an external syslog daemon which can in turn trigger a reaction to the event.
Suggestion
