Configure the Access Log for HTTPS Requests - Administrator Guide - 6.9 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.9
Creation date
2022-09-29
Last date published
2024-03-28
End_of_Life
EoL
Category
Administrator Guide
Abstract

Add a server configuration to view HTTP/HTTPS requests.

To effectively manage a web server, you need to get feedback about the activity, performance and problems that may occur. In the log server you can view HTTP/HTTPS requests, such as URLs, IP addresses, playbook searches, automation searches, etc.

Note

The format is Apache’s Combined Log Format. For more information, see https://httpd.apache.org/docs/2.4/logs.html.

  1. Select SettingsABOUTTroubleshootingAdd Server Configuration.

  2. To enable the logs, add the following key and value:

    Key

    Value

    http.access.log.enabled

    true

    All the HTTP requests to the server are logged in the access_log file.

  3. (Optional) You can configure the log file through the following configurations:

    Key

    Description

    http.access.log.enabled

    Enables or disables the log. Default is false.

    log.accesslog.filename

    The filename of the log. Default is access_log.

    log.accesslog.rolling.maxfilesize

    The maximum number of megabytes when a new file is created. Default is 10.

    log.accesslog.rolling.backups

    The number of backups. Default is 3.

    log.accesslog.rolling.maxage

    The number of days to preserve the log file. Default is 0.