Skip to main content

Audit Log Configuration

Torque provides integration with Elastic Stack, allowing you to easily monitor and audit your system users' behavior, investigate and remove security risks and vulnerabilities, and more. Once integrated, Torque begins capturing events and streams them to Elastic Stack for analytics, allowing you to gain visibility into key platform events within your account, identify the most active policies, significant changes in resource operations, or filter actions by user and space.

Licensing

Audit log integration is available for Enterprise plan only and requires a specific pricing feature.

Prerequisites

  • Working Elastic Stack server with internet access

Configuration

  1. In Torque, access your space.
  2. Click REST API in the left pane.
  3. Expand Settings and click Update audit provider.
  4. Specify the following details
    • type of log management system - "elasticsearch"
    • url of the Elastic server
    • username and password of the Elastic Stack admin.
    • Certificate: Optionally specify a certificate if you wish to secure the connection.
  5. Click Send API Request and make sure it completes successfully. For example:

    Locale Dropdown

  6. To make sure everything was configured properly, run the Get audit provider API.

    Locale Dropdown