Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Suggest an Idea

Announcements
This page is no longer in use. To suggest an idea, please visit Browse and Suggest.

QEM audit trail logs

Prabodh
Creator II
Creator II
‎2021-05-10 03:55 PM

QEM audit trail logs

Hello team,

We have security policy requirement where we want to track the user activity in QEM. This activity should be logged to a centralized and immutable destination. I have cheked teh enhancement and the solution proposed in https://community.qlik.com/t5/Suggest-an-Idea/QEM-Audit-Log-Automation/idc-p/1805995.

However, the solution looks cumbersome to me. It would require us to configure a separate module to read the audit logs from API and ship it to centralized log repository.

This information is already logged to <Enterprise Manager installation folder>\data\AuditTrail\audit_service location, however is not readable. I would like to request an enhancement to make this plaintext and readable OR simply log this information to the general Enterprise Manager log file.

Most logging tools like Elastisearch, Splunk, Cloudwatch and other provide log forwarding capabilities. I can simply hookup a filebeats agent or logstash to ship the audit log file to Elasticsearch for further analysis.

 

Thanks!

Status: Closed - Archived Submitted by Creator II on ‎2021-05-10 03:55 PM
1,746 Views
5 Comments
Shelley_Brennan
Former Employee
Former Employee
‎2021-06-14 08:30 AM

Thank you for the suggestion.  We will continue to collect feedback from others as well.

Status changed to: Open - Collecting Feedback
igorf
Contributor
Contributor
‎2022-07-14 09:10 AM

We have the same requirement to ship audit log to centralized security system and it would be much more efficient to do it directly through the file reading agent on the server rather then through integration via QEM API

RogerBeanPool
Contributor II
Contributor II
‎2023-04-17 09:50 AM

I agree with the OP.  Reading the audit records via a log management utility would be great.

Meghann_MacDonald
Employee
Employee
‎2023-08-02 11:57 AM

From now on, please track this idea from the Ideation portal. 

Link to new idea

Meghann

NOTE: Upon clicking this link 2 tabs may open - please feel free to close the one with a login page. If you only see 1 tab with the login page, please try clicking this link first: Authenticate me! then try the link above again. Ensure pop-up blocker is off.

Ideation
Newbie
Newbie
‎2023-08-02 11:57 AM
 
Status changed to: Closed - Archived
Subscribe by Topic