Send Wordpress server audit logs to Graylog

Hello everyone,

I’ve asked this question before but because of some reasons, i can’t manage the topic, so I think that, fresh topic will be more useful for everyone.

I have graylog2 in my CentOS 7 server and now I can collect all log datas with this server.

And I have just finished Wordpress server in my another server ( both 2 server in the same network ). I need send these audit logs to my Graylog2 server and monitoring them.

How can I do it ?

Note: I have root privileges for both two server.

If they need any information from my servers I will be check here at certain intervals.

Topics are automatically closed 14 days after the last reply.

You also didn’t reply to the questions in Send Wordpress audit logs to Graylog

Yes, as I said because of some personal reasons I can’t work :frowning:

Hey @egetkn,

how about answering the questions now? :slight_smile:

Sure :slight_smile:

I think it stores somewhere inside of wordpress files or in the database of wordpress server. I can use bash script to reach Wordpress or I can find a way, this is easy part actually :slight_smile: . I need finout a way to send it. Here is my wordpress admin panes and the can see the audit part left of the screen.

If you have access to the audit log entries, you can use any format and protocol Graylog supports, such as GELF, Syslog (RFC 5424), or new-line separated plaintext, to send them to Graylog and process them further.

The question is, how ı will reach Wordpress log files and the config file of these logs have no ip adressing module. For example, in rsys logs, there are some settings that I can send them a specific IP adress and port but in this case, there nothing someting like this :frowning:

What does that mean exactly. Please elaborate.

So here is the deal;

Finally, I can find where wordpress stores it’s logs :slight_smile: they are in MySQL database and now I need to send them to graylog :slight_smile: .

As they can see from the SS, audit collect logs like this. My final question is, how I can import this databased log to Graylog2 server ?

Thanks for help :slight_smile:

You could use Logstash with its JDBC input and GELF output for this.

Hi again Jochen,

Do you know somewhere I can find better instructions.

Thanks again…

You could pay somebody to develop a custom solution for you.

Other than that, you’ll either have to build a solution yourself or use the components already mentioned in this discussion.

1 Like

didn’t test it, but description seems fine: https://wordpress.org/plugins/ap-stream-to-gelf/#description

hope this helps,
cya.

1 Like

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.