Event logs contain valuable information regarding possible security threats, outages, and metrics that can help troubleshoot issues, and log streaming makes it possible to export these log files in near real-time.
You can stream your log files for all Ping Identity products in your PingOne Advanced Services cloud network using a variety of different log aggregation tools. Either set up this process when you initially access your applications, or submit a service request at any time. Ensure that you include pertinent information, listed here, regarding your aggregation tool in your request.
See the following for details:
- Your AccountID
- AWS key and secret
- Bucket name
- Your AccountID
- AWS key and secret
- Log group names
- Log steam names
With ArcSight, the syslog output with a JSON encoding is used. To export log files, include the destination host and port in your request.
You can configure Elasticsearch to use the Elasticsearch output plugin.
- Endpoint URL
- HTTP method used to send data
- An authorization token or key (optional)
With QRadar, the syslog output with a JSON encoding is used. To export log files, include the destination host and port in your request.
- Splunk HEC Endpoint URL
- Splunk API Key
To export log files with Syslog, include the destination host and port in your request.