Documentation Index

Fetch the complete documentation index at: https://support.fortanix.com/llms.txt

Use this file to discover all available pages before exploring further.

Sysadmin Settings - Log Management

Prev Next

1.0 Introduction

This article describes the system level log management settings that are configured by the Fortanix-Data-Security-Manager (DSM) system administrator.

The settings configured here are applicable to every object of the entire cluster.

The Fortanix DSM supports policies that can be set on the cluster that restrict what kind of operations can be permitted on accounts.

2.0 Log Management

Fortanix DSM automatically maintains an internal audit log of system operations. You can configure Fortanix DSM to send these audit log entries to an external logging system. This section illustrates how to log invalid API requests and send Fortanix DSM audit logs to the Syslog server.

In the DSM user interface (UI), navigate to System AdministrationSettings LOG MANAGEMENT tab.

Figure 1: Log management page

2.1 Setting Retention Policy for Audit Logs

Perform the following steps to set the retention policy for the audit logs:

  1. On the Log management page, click EDIT to set Log retention for the sysadmin account.

    Figure 2: Retention period for audit logs

  2. Update the retention period as required. Select Keep log entries forever or specify a future date to retain the audit logs permanently.

    Figure 3: Update the retention period

  3. Click SAVE to save the configuration.

NOTE

  • After saving any changes to the Log Management settings, a rolling restart of the backend containers must be performed for the configuration to take effect. Until the restart is complete, a warning indicator (⚠) appears next to the tab name in the Settings menu, indicating that there are pending changes.

  • Alternatively, you can revert the configuration change before the cluster restart begins, click CANCEL CHANGE in the Pending changes banner. In the Cancel changes dialog box, click DELETE to confirm and restore the previous configuration, or click CANCEL to return without making any changes.

2.2 Log Invalid API Requests

Applications may sometimes send invalid API requests that result in 4XX errors, such as a 400 (Bad Request) error. To help debug these errors, Fortanix DSM logs them through the LOG MANAGEMENT feature.

To do this, enable the Logging invalid API requests toggle in the Log management page.

Figure 4: Logging invalid API requests

NOTE

  • After saving any changes to the Log Management settings, a rolling restart of the backend containers must be performed for the configuration to take effect. Until the restart is complete, a warning indicator (⚠) appears next to the tab name in the Settings menu, indicating that there are pending changes.

  • Alternatively, you can revert the configuration change before the cluster restart begins, click CANCEL CHANGE in the Pending changes banner. In the Cancel changes dialog box, click DELETE to confirm and restore the previous configuration, or click CANCEL to return without making any changes.

2.3 Sending Audit Logs to External Logging Systems

Fortanix DSM supports exporting audit logs to multiple external logging integrations, such as Splunk, Syslog, Google Cloud’s operations suite, and Azure Log Analytics. These integrations can be configured from the LOG MANAGEMENT menu item.

For detailed configuration steps for all supported integrations, refer to Logging.

Fortanix-logo

4.6

star-ratings

As of August 2025