Configure FTP Audit Archiver
The FTP Audit Archiver is used to back up the audit logs on the via FTP to a specified host. The backups are stored as plain text files compressed into .ZIP archives with a name in the following format:
The FTP Audit Archiver is used to back up the audit logs on the
Layer7 API Gatewayvia FTP to a specified host. The backups are stored as plain text files compressed into .ZIP archives with a name in the following format:
audit.archiver.ftp.fileprefix> cluster property + <
date & time stamp>.zip
When the audit records are successfully backed up, the archiver automatically deletes the records to save disk space.
Ensure that the FTP server receiving the archive is fast enough to accept the largest audit entry within the MySQL timeout period.
Once the FTP Audit Archiver is configured, it will automatically run as follows:
- Each time theLayer7 API Gatewayis started
- At a preset interval specified by the audit.ArchiverTimerPeriod cluster property
The archiver can also be manually invoked using the "Start Archiver" command in the Gateway Audit Events. If the archiver is configured but you do not want it to run, you can disable it using its properties dialog.
In addition to the configuration described here, there are several cluster properties that can be used to further control the behavior of the archiver. For more information, see the embedded database is in use on the
Layer7 API Gateway.
To configure the FTP Audit Archiver:
- In the Policy Manager, select[Tasks] > Logging and Auditing > Configure FTP Audit Archiverfrom the Main Menu (on the browser client, from the Manage menu). The FTP(S) Audit Archiver Properties appear.
- Configure the properties as follows:FieldDescriptionSecuritySpecify which form of security to use:
Host nameEnter the hostname of the FTP server. This name is verified against the X.509 certificate.Port numberEnter the port number to use. The default port number is 21.DirectorySpecify the name of the directory on the FTP server to place the audit archive.User name/PasswordEnter the login credentials if connecting a secure server.TimeoutSpecify the number of seconds to wait during FTP connection before the archiver times out.EnabledThe archiver is enabled by default. Clear the check box to disable the archiver. When disabled, the archiver will not run when theLayer7 API Gatewayis started nor can it be manually run from the Gateway Audit Events window. Scheduled archives will not occur as well.If an archive is in progress when the archiver is disabled, the change will not take effect until the transfer is finished. To just cancel the automatically scheduled archives, set the cluster property audit.ArchiverTimerPeriod to "0" (zero) instead.Test ConnectionClick this button to test the settings. You should see a success message if the settings are correct.
- FTP (unsecured): Information is submitted unencrypted.
- FTPS with Explicit SSL: Information is encrypted using explicit SSL (RFC2228).
- FTPS with Implicit SSL: Information is encrypted using implicit SSL.
- Verify server certificate: If encryption is used, select this check box to verify the server's certificate against the trust store in theLayer7 API Gateway. For more information, see "Certificate Expiration Notification" under Manage Certificates.
- Click [OK] when done.