Skip to content
Open
Original file line number Diff line number Diff line change
Expand Up @@ -3660,97 +3660,7 @@ Audit file name

.. note::

The file name must be set to `enable <#auditlog-fileenabled>`__ audit logging.

.. config:setting:: auditlog-filemaxsizemb
:displayname: Maximum audit file size (Audit Logging)
:systemconsole: Compliance > Audit Logging
:configjson: .ExperimentalAuditSettings.FileMaxSizeMB
:environment: MM_EXPERIMENTALAUDITSETTINGS_FILEMAXSIZEMB
:description: The maximum size in megabytes for audit log files before they are rotated. Default is 100 MB.

Maximum file size
^^^^^^^^^^^^^^^^^

+--------------------------------------------------+----------------------------------------------------------------------------------------+
| The maximum size in megabytes for audit log | - System Config path: **Compliance > Audit Logging** |
| files before they are rotated. | - ``config.json`` setting: ``ExperimentalAuditSettings`` > ``FileMaxSizeMB`` > ``100`` |
| | - Environment variable: ``MM_EXPERIMENTALAUDITSETTINGS_FILEMAXSIZEMB`` |
| Numerical input. Default is **100** MB. | |
+--------------------------------------------------+----------------------------------------------------------------------------------------+

.. config:setting:: auditlog-filemaxagedays
:displayname: Maximum audit file age (Audit Logging)
:systemconsole: Compliance > Audit Logging
:configjson: .ExperimentalAuditSettings.FileMaxAgeDays
:environment: MM_EXPERIMENTALAUDITSETTINGS_FILEMAXAGEDAYS
:description: The maximum age in days for audit log files before they are deleted. Default is 0 (no limit).

Maximum file age
^^^^^^^^^^^^^^^^

+--------------------------------------------------+----------------------------------------------------------------------------------------+
| The maximum age in days for audit log files | - System Config path: **Compliance > Audit Logging** |
| before they are deleted. | - ``config.json`` setting: ``ExperimentalAuditSettings`` > ``FileMaxAgeDays`` > ``0`` |
| | - Environment variable: ``MM_EXPERIMENTALAUDITSETTINGS_FILEMAXAGEDAYS`` |
| Numerical input. Default is **0** (no limit). | |
+--------------------------------------------------+----------------------------------------------------------------------------------------+

.. config:setting:: auditlog-filemaxbackups
:displayname: Maximum audit file backups (Audit Logging)
:systemconsole: Compliance > Audit Logging
:configjson: .ExperimentalAuditSettings.FileMaxBackups
:environment: MM_EXPERIMENTALAUDITSETTINGS_FILEMAXBACKUPS
:description: The maximum number of audit log file backups to retain. Default is 0 (no limit).

Maximum file backups
^^^^^^^^^^^^^^^^^^^^

+--------------------------------------------------+----------------------------------------------------------------------------------------+
| The maximum number of audit log file backups | - System Config path: **Compliance > Audit Logging** |
| to retain. | - ``config.json`` setting: ``ExperimentalAuditSettings`` > ``FileMaxBackups`` > ``0`` |
| | - Environment variable: ``MM_EXPERIMENTALAUDITSETTINGS_FILEMAXBACKUPS`` |
| Numerical input. Default is **0** (no limit). | |
+--------------------------------------------------+----------------------------------------------------------------------------------------+

.. config:setting:: auditlog-filecompress
:displayname: Compress audit log files (Audit Logging)
:systemconsole: Compliance > Audit Logging
:configjson: .ExperimentalAuditSettings.FileCompress
:environment: MM_EXPERIMENTALAUDITSETTINGS_FILECOMPRESS
:description: Whether to compress rotated audit log files.

- **true**: Rotated audit log files are compressed.
- **false**: **(Default)** Rotated audit log files aren't compressed.

Compress audit log files
^^^^^^^^^^^^^^^^^^^^^^^^

+--------------------------------------------------+-------------------------------------------------------------------------------------------+
| Whether to compress rotated audit log files. | - System Config path: **Compliance > Audit Logging** |
| | - ``config.json`` setting: ``ExperimentalAuditSettings`` > ``FileCompress`` > ``false`` |
| - **true**: Rotated audit log files are | - Environment variable: ``MM_EXPERIMENTALAUDITSETTINGS_FILECOMPRESS`` |
| compressed. | |
| - **false**: **(Default)** Rotated audit log | |
| files aren't compressed. | |
+--------------------------------------------------+-------------------------------------------------------------------------------------------+

.. config:setting:: auditlog-filemaxqueuesize
:displayname: Audit log queue size (Audit Logging)
:systemconsole: Compliance > Audit Logging
:configjson: .ExperimentalAuditSettings.FileMaxQueueSize
:environment: MM_EXPERIMENTALAUDITSETTINGS_FILEMAXQUEUESIZE
:description: The maximum number of audit log entries that can be queued. Default is 1000.

Audit log queue size
^^^^^^^^^^^^^^^^^^^^

+--------------------------------------------------+--------------------------------------------------------------------------------------------+
| The maximum number of audit log entries that | - System Config path: **Compliance > Audit Logging** |
| can be queued. | - ``config.json`` setting: ``ExperimentalAuditSettings`` > ``FileMaxQueueSize`` > ``1000`` |
| | - Environment variable: ``MM_EXPERIMENTALAUDITSETTINGS_FILEMAXQUEUESIZE`` |
| Numerical input. Default is **1000**. | |
+--------------------------------------------------+--------------------------------------------------------------------------------------------+
When `output audit logs to file <#auditlog-fileenabled>`__ is enabled, the file name must be set. To configure file rotation and advanced audit log output, use the :ref:`AdvancedLoggingJSON <administration-guide/configure/environment-configuration-settings:output audit logs to multiple targets>` setting.

.. config:setting:: auditlog-certificate
:displayname: Audit log certificate (Audit Logging)
Expand Down
Comment thread
hanzei marked this conversation as resolved.
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ Experimental configuration settings
Review and manage the following :ref:`experimental <administration-guide/manage/feature-labels:experimental>` configuration options in the System Console by selecting the **Product** |product-list| menu, selecting **System Console**, and then selecting **Experimental > Features**:

- `Experimental System Console configuration settings <#experimental-system-console-configuration-settings>`__
- `Experimental audit logging configuration settings <#experimental-audit-logging-configuration-settings>`__
- `Experimental job configuration settings <#experimental-job-configuration-settings>`__
- `Experimental configuration settings for self-hosted deployments only <#experimental-configuration-settings-for-self-hosted-deployments-only>`__

Expand Down Expand Up @@ -728,191 +727,6 @@ Enable Bleve for autocomplete queries
| This feature's ``config.json`` setting is ``"EnableAutocomplete": false`` with options ``true`` and ``false``. |
+-----------------------------------------------------------------------------------------------------------------+

----

Experimental audit logging configuration settings
--------------------------------------------------------

Enable the following settings to output audit events in the System Console by going to **Compliance > Audit Logging**, or in the ``config.json`` file.

.. note::

The ability to enable and configure audit logging is currently in :ref:`Beta <administration-guide/manage/feature-labels:beta>`.

.. config:setting:: advanced-logging
:displayname: Advanced Logging (Audit Logging > Cloud)
:systemconsole: Experimental > Features
:configjson: AdvancedLoggingJSON
:environment: N/A
:description: Output log and audit records to any combination of console, local file, syslog, and TCP socket targets for a Mattermost Cloud deployment.

Advanced logging
~~~~~~~~~~~~~~~~

.. include:: ../../_static/badges/entry-ent.rst
:start-after: :nosearch:

Output log and audit records to any combination of console, local file, syslog, and TCP socket targets for a Mattermost Cloud deployment. See the :ref:`advanced logging <administration-guide/manage/logging:advanced logging>` documentation for details about logging options.

.. config:setting:: enable-audit-logging
:displayname: Enable audit logging (Audit Logging > Self-Hosted)
:systemconsole: Experimental > Features
:configjson: FileEnabled
:environment: N/A
:description: Write audit files locally for a self-hosted deployment.

Enable audit logging
~~~~~~~~~~~~~~~~~~~~~

.. include:: ../../_static/badges/ent-plus.rst
:start-after: :nosearch:

When audit logging is enabled in a self-hosted instance, you can specify size, backup interval, compression, maximium age to manage file rotation, and timestamps for audit logging, as defined below. You can specify these settings independently for audit events and AD/LDAP events.

**True**: Audit logging files are enabled, and audit files are written locally to a file for a self-hosted deployment.

**False**: Audit logging files aren't enabled, and audit logs aren't written locally to a file for a self-hosted deployment.

+--------------------------------------------------------------------------------------------------------------------------------------+
| This feature's ``config.json`` setting is ``".ExperimentalAuditSettings.FileEnabled": false",`` with options ``true`` and ``false``. |
+--------------------------------------------------------------------------------------------------------------------------------------+

.. config:setting:: file-name
:displayname: File name (Audit Logging > Self-Hosted)
:systemconsole: Experimental > Features
:configjson: FileName
:environment: N/A
:description: Specify the path to the audit file for a self-hosted deployment.

File name
~~~~~~~~~

.. include:: ../../_static/badges/ent-plus.rst
:start-after: :nosearch:

Specify the path to the audit file for a self-hosted deployment.

+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| This feature's ``config.json`` setting is ``".ExperimentalAuditSettings.FileName": ""`` with string input consisting of a user-defined path (e.g. ``/var/log/mattermost_audit.log``). |
+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+

.. config:setting:: max-file-size
:displayname: File max size MB (Audit Logging > Self-Hosted)
:systemconsole: Experimental > Features
:configjson: FileMaxSizeMB
:environment: N/A
:description: This is the maximum size (measured in megabytes) that the file can grow before triggering rotation for a self-hosted deployment.. Default is **100** MB.

Max file size
~~~~~~~~~~~~~

.. include:: ../../_static/badges/ent-plus.rst
:start-after: :nosearch:

This is the maximum size, in megabytes, that the file can grow before triggering rotation for a self-hosted deployment. The default setting is ``100``.

+---------------------------------------------------------------------------------------------------------------------+
| This feature's ``config.json`` setting is ``".ExperimentalAuditSettings.FileMaxSizeMB": 100`` with numerical input. |
+---------------------------------------------------------------------------------------------------------------------+

.. config:setting:: max-file-age
:displayname: File max age days (Audit Logging > Self-Hosted)
:systemconsole: Experimental > Features
:configjson: FileMaxAgeDays
:environment: N/A
:description: This is the maximum age in days a file can reach before triggering rotation for a self-hosted deployment.. The default value is **0**, indicating no limit on the age.

Max file age
~~~~~~~~~~~~~

.. include:: ../../_static/badges/ent-plus.rst
:start-after: :nosearch:

This is the maximum age, in days, a file can reach before triggering rotation for a self-hosted deployment. The default value is ``0``, indicating no limit on the age.

+--------------------------------------------------------------------------------------------------------------------+
| This feature's ``config.json`` setting is ``".ExperimentalAuditSettings.FileMaxAgeDays": 0`` with numerical input. |
+--------------------------------------------------------------------------------------------------------------------+

.. config:setting:: maximum-file-backups
:displayname: File max backups (Audit Logging > Self-Hosted)
:systemconsole: Experimental > Features
:configjson: FileMaxBackups
:environment: N/A
:description: This is the maximum number of rotated files kept for a self-hosted deployment. The oldest is deleted first. The default value is **0**, indicating no limit on the number of backups.

Maximum file backups
~~~~~~~~~~~~~~~~~~~~

.. include:: ../../_static/badges/ent-plus.rst
:start-after: :nosearch:

This is the maximum number of rotated files kept for a self-hosted deployment. The oldest is deleted first. The default value is ``0``, indicating no limit on the number of backups.

+--------------------------------------------------------------------------------------------------------------------+
| This feature's ``config.json`` setting is ``".ExperimentalAuditSettings.FileMaxBackups": 0`` with numerical input. |
+--------------------------------------------------------------------------------------------------------------------+

.. config:setting:: file-compression
:displayname: File compress (Audit Logging > Self-Hosted)
:systemconsole: Experimental > Features
:configjson: FileCompress
:environment: N/A
:description: When ``true``, rotated files are compressed using ``gzip`` in a self-hosted deployment. Default value is **false**.

File compression
~~~~~~~~~~~~~~~~

.. include:: ../../_static/badges/ent-plus.rst
:start-after: :nosearch:

When ``true``, rotated files are compressed using ``gzip`` in a self-hosted deployment.

+-------------------------------------------------------------------------------------------------------------------------------------+
| This feature's ``config.json`` setting is ``".ExperimentalAuditSettings.FileCompress": false`` with options ``true`` and ``false``. |
+-------------------------------------------------------------------------------------------------------------------------------------+

.. config:setting:: maximum-file-queue
:displayname: File max queue size (Audit Logging > Self-Hosted)
:systemconsole: Experimental > Features
:configjson: FileMaxQueueSize
:environment: N/A
:description: This setting determines how many audit records can be queued/buffered at any point in time when writing to a file for a self-hosted deployment. Default is **1000** records.

Maximum file queue
~~~~~~~~~~~~~~~~~~~

.. include:: ../../_static/badges/ent-plus.rst
:start-after: :nosearch:

This setting determines how many audit records can be queued/buffered at any point in time when writing to a file for a self-hosted deployment. The default is ``1000`` records.
This setting can be left as default unless you are seeing audit write failures in the server log and need to adjust the number accordingly.

+-------------------------------------------------------------------------------------------------------------------------+
| This feature's ``config.json`` setting is ``".ExperimentalAuditSettings.FileMaxQueueSize": 1000`` with numerical input. |
+-------------------------------------------------------------------------------------------------------------------------+

.. config:setting:: audit-logging-certificate
:displayname: Audit logging certificate upload (Audit Logging > Cloud Enterprise)
:systemconsole: Audit Log Settings > Certificate
:configjson: N/A
:environment: N/A
:description: Cloud Enterprise customers can upload and manage a certificate for audit logging encryption on Syslog or TCP logging targets.

Certificate
~~~~~~~~~~~~

Cloud Enterprise customers can upload and manage a certificate for audit logging encryption on Syslog or TCP logging targets. The ability to upload a certificate is only available when the feature flag ``ExperimentalAuditSettingsSystemConsoleUI`` is enabled.

Upload the certificate PEM file in the System Console by going to **System Console > Audit Log Settings > Certificate** and selecting **File/Remove Certificate**. The certificate file can be stored in the filestore or stored locally on the filesystem.

.. config:setting:: advanced-logging
:displayname: Advanced Logging (Audit Logging > Self-Hosted)
:systemconsole: Experimental > Features
:configjson: AdvancedLoggingJSON
:environment: N/A
:description: Output log and audit records to any combination of console, local file, syslog, and TCP socket targets for a Mattermost self-hosted deployment.

Experimental configuration settings for self-hosted deployments only
--------------------------------------------------------------------

Expand Down
10 changes: 1 addition & 9 deletions source/administration-guide/manage/logging.rst
Original file line number Diff line number Diff line change
Expand Up @@ -235,15 +235,7 @@ You can enable and customize advanced audit logging in Mattermost to record acti
.. note::

- From Mattermost v10.11, Cloud deployments include certificate-based audit logging capabilities not available within self-hosted deployments.
- Cloud-based deployments use the following self-hosted audit logging default values:

- FileEnabled: false
- FileMaxSizeMB: 100
- FileMaxAgeDays: 0 (no limit)
- FileMaxBackups: 0 (retain all)
- FileCompress: false
- FileMaxQueueSize: 1000

- Cloud-based deployments use the following self-hosted audit logging default values: `FileEnabled: false`
- Cloud deployments can't configure local file-based audit logging, and all file-related settings are hidden.

----
Expand Down
Loading