Configure FTP Audit Archiver

The FTP Audit Archiver is used to back up the audit logs on the via FTP to a specified host. The backups are stored as plain text files compressed into .ZIP archives with a name in the following format:
gateway93
The FTP Audit Archiver is used to back up the audit logs on the 
API Gateway
 via FTP to a specified host. The backups are stored as plain text files compressed into .ZIP archives with a name in the following format:
<
audit.archiver.ftp.fileprefix
> cluster property + <
date & time stamp
>.zip
When the audit records are successfully backed up, the archiver automatically deletes the records to save disk space.
 Ensure that the FTP server receiving the archive is fast enough to accept the largest audit entry within the MySQL timeout period.
Once the FTP Audit Archiver is configured, it will automatically run as follows:
  • Each time the 
    API Gateway
     is started
  • At a preset interval specified by the audit.ArchiverTimerPeriod  cluster property
The archiver can also be manually invoked using the "Start Archiver" command in the Gateway Audit Events. If the archiver is configured but you do not want it to run, you can disable it using its properties dialog.
 
 In addition to the configuration described here, there are several cluster properties that can be used to further control the behavior of the archiver. For more information, see the embedded database is in use on the 
API Gateway
.
 
 
To configure the FTP Audit Archiver
:
  1.  In the Policy Manager, select 
    [Tasks] > Logging and Auditing > Configure FTP Audit Archiver
     from the Main Menu (on the browser client, from the Manage menu). The FTP(S) Audit Archiver Properties appear. 
  2. Configure the properties as follows:
     
    Field
     
     
    Description
     
     
    Security
     
    Specify which form of security to use: 
    • FTP (unsecured): Information is submitted unencrypted.
    • FTPS with Explicit SSL: Information is encrypted using explicit SSL (RFC2228).  
    • FTPS with Implicit SSL: Information is encrypted using implicit SSL.
    • Verify server certificate: If encryption is used, select this check box to verify the server's certificate against the trust store in the 
      API Gateway
      . For more information, see "Certificate Expiration Notification" under Manage Certificates.
     
    Host name
     
    Enter the hostname of the FTP server. This name is verified against the X.509 certificate.
     
    Port number
     
    Enter the port number to use. The default port number is 21.
     
    Directory
     
    Specify the name of the directory on the FTP server to place the audit archive.
     
    User name/Password
     
    Enter the login credentials if connecting a secure server.
     
    Timeout
     
    Specify the number of seconds to wait during FTP connection before the archiver times out.
     
    Enabled
     
    The archiver is enabled by default. Clear the check box to disable the archiver. When disabled, the archiver will not run when the 
    API Gateway
     is started nor can it be manually run from the Gateway Audit Events window. Scheduled archives will not occur as well.
     If an archive is in progress when the archiver is disabled, the change will not take effect until the transfer is finished. To just cancel the automatically scheduled archives, set the cluster property audit.ArchiverTimerPeriod to "0" (zero) instead.
     
    Test Connection
     
    Click this button to test the settings. You should see a success message if the settings are correct.
  3. Click [
    OK
    ] when done.