Getting Started with Cloudmersive and Audit Logs

You can monitor administrative access to your Cloudmersive Management Portal and organization using Audit Logs.

Step 1 - View Audit Logs

To view audit logs, you must have a plan or product that includes this feature. To view audit logs, navigate to the Cloudmersive Management Portal and click on Audit Logs. From here you can view the timestamp, action, IP address and IP address location of each audit log event.

Step 2 (Optional) - Connect Your Log Management Solution

You can also optionally send your Cloudmersive Management Center audit logs to your log management solution for integrated and centralized monitoring, or to further integrate with your Security Information Event Management (SIEM) system.

Splunk Integration

To send your audit logs to Splunk, from the Audit Logs screen click on Configure Log Management, and then enable Send Audit Logs to Splunk. Be sure to enter the server endpoint as a fully-qualified URL (supports custom port number), Splunk Token and click on Save Changes.

AWS CloudWatch Logs

  • Navigate to the Cloudmersive Management Portal
  • Click on Audit Logs
  • Click on Configure Log Management
  • Check Send Audit Logs to AWS CloudWatch Logs; configure the parameters as required
  • Click Save Changes
  • Your audit logs will now be sent to AWES CloudWatch Logs

Azure Log Analytics

  • Navigate to the Cloudmersive Management Portal
  • Click on Audit Logs
  • Click on Configure Log Management
  • Check Send Audit Logs to Azure Log Analytics; configure the parameters such as Workspace ID, Shared Access Key
  • Click Save Changes
  • Your audit logs will now be sent to Azure Log Analytics
  • If you wish to send your logs to Azure Sentinel, configure integration between Azure Log Analytics and Azure Sentinel in the Azure Portal

Azure Sentinel

To send your audit logs to Azure Sentinel, first configure Azure Log Analytics (see above), then in the Auzre Portal connect Azure Sentinel to your Azure Log Analytics Workspace.

RAPID7 InsightOps

  • Log in to InsightOps and click the "Add Data" button in the top navigation
  • Click the "Webhook" icon
  • Give your log a name and select an existing Log set or create a new one
  • This will display a URL that you will use to send your log data to. The last part of the URL is the log token, which identifies the log that the data should be sent to
  • Navigate to the Cloudmersive Management Portal
  • Click on Audit Logs
  • Click on Configure Log Management
  • Check Send Audit Logs to RAPID7 InsightOps; paste in the URL from the RAPID7 portal (see above)
  • Click Save Changes
  • Your audit logs will now be sent to RAPID7 InsightOps

Syslog and IBM QRadar

You can send your audit logs to Syslog. IBM QRadar accepts Syslog input and can also be used.

  • Navigate to the Cloudmersive Management Portal
  • Click on Audit Logs
  • Click on Configure Log Management
  • Check Send Audit Logs to Syslog; configure the parameters such as host name or IP address, and port number
  • Click Save Changes
  • Your audit logs will now be sent to Syslog
  • If you are using IBM QRadar, configure IBM QRadata to accept Syslogs and then follow the steps above normally






800 free API calls/month, no credit card required

Get started now!