SafeNet Logging Agent
This feature may not be available in your service zone.
This feature requires version 2.0.0.0 or higher of the SafeNet Logging Agent.
There is no upgrade procedure to go from the SafeNet Remote Logging Agent to the SafeNet Logging Agent. You simply install the new SafeNet Logging Agent. You can then either uninstall the SafeNet Remote Logging Agent if you don't need it anymore, or use both agents in parallel.
Use the SafeNet Logging Agent to automatically retrieve access and authentication logs from STA. The agent uses the Logs API to retrieve logs from STA and send those logs to the specified location in your network. Alternatively, instead of using the agent, you can programmatically integrate the Logs API into your software solution.
Audit logs generated from actions taken in the STA Token Management console are not supported by this feature.
Environment
Environment | Description |
---|---|
Supported Platforms |
|
Supported Architecture |
|
Additional Software |
|
Network Port |
|
Get the agent and an API key
You get the SafeNet Logging Agent from the STA Access Management console. You download the agent files, and then get an API key.
The SafeNet Logging Agent needs an API key for authentication, because it uses the Logs API. The agent sends each log that it retrieves as a syslog message to an IP address. Log retrieval begins automatically after you start the SafeNet Logging Agent.
-
On the STA Access Management console, select Settings > Log Streaming.
-
Under Installation Options, in the OPTION 01 box, select Continue.
To set up the SafeNet Logging Agent, you need to first download and install the agent, and then get an API key.
-
Under Get Agent, select Download.
The download includes two files:
-
SafeNet Logging Agent.exe is the agent installer.
-
Logging_AgentConfig_yyymmdd.json is the configuration file. It contains the API URL and the unique identifier for your virtual server (the tenant code). You need the path to this file when you configure the agent, but you don't need to open or edit this file.
-
-
Under Configure Agent, select Go to API Keys.
-
On the API Keys screen, select Generate API Key.
Install and configure SafeNet Logging Agent
-
Open the SafeNet Logging Agent.exe file that you downloaded, and follow the prompts to install the agent.
During the installation process, the system adds a SafeNet Logging Agent shortcut to the desktop.
-
Open the SafeNet Logging Agent.
The shortcut opens a command language interpreter (CLI) window.
-
Enter the path to the Logging_AgentConfig_yyymmdd.json file that you downloaded:
LoggingAgent.exe config –f <file path>
This file contains the API URL and the unique identifier (tenant code) for your virtual server.
-
Enter the API key:
-
If you downloaded the API key file, enter the path to the API key file that you downloaded:
LoggingAgent.exe apikey -f <file path>
After the API key is successfully configured, STA deletes the API key file that is stored at that path.
-
If you copied the API key to the clipboard, enter the API key:
LoggingAgent.exe apikey -v <API key>
-
-
Create a sysLog.json file that includes the IP address and port number of primary and secondary TCP syslog servers to which you want the agent to push logs.
For example:
{ //Input Primary Receiver IP "Host": "10.234.56.78", "Port": "1234", //Input Secondary Host Receiver IP "SecondaryHost": "10.234.57.36", "SecondaryPort": "5678", }
If the primary syslog server fails, the agent sends the log files to the secondary server without loss of data.
-
To configure the agent to push the log files to the syslog servers, enter:
LoggingAgent.exe syslog -f <path to the syslog.json file>
-
(Optional) To configure how often the agent pushes log files to the destination, enter:
LoggingAgent.exe config -i <minutes>
Where
<minutes>
specifies how long the agent must wait before pushing the next log file (the default is 5).The agent implements the change with the next API log function call.
-
(Optional) To implement the change immediately, stop and then restart the agent:
-
To stop the agent, enter:
LoggingAgent.exe stop
-
To start the agent, enter:
LoggingAgent.exe start
-
-
(Optional) To display information about agent commands, enter:
LoggingAgent -h
orLoggingAgent -help