I am trying to extract audit data from various checkmk instances running 2.x and use them in an ELK cluster ( something similar as shown below )
For a POC i used a dirty trick of using the curl output from the Setup>General>Audit log>Export>Export CSV using browser debug and it worked for a while, is there a more robust way of getting this data using checkmk CLI or otherwise without worrying about auth data getting expired in some time ?
You’ll want to setup an automation user, then make sure they are assigned a role permission that includes Audit Log permissions. The automation username and secret are then passed on the url line.
Thank you ! For anyone trying above, i used below URL
http://XXXXXXXXXXXXXXXXXXXXXX/site/check_mk/wato.py?_action=csv&_transid=-1&mode=auditlog&_username=automation&_secret=XXXXXXXXXXXXX
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.
