Teleport

Exporting Teleport Audit Events

The Teleport Auth Service emits audit logs when users and services interact with your cluster.

You can use Teleport's Event Handler plugin to export audit events from Teleport so you can store them in a log management platform or custom backend.

If you are new to exporting audit events with Teleport, read Forwarding Events with Fluentd to learn the basics of how our Event Handler plugin works. While this guide focuses on Fluentd, the Event Handler plugin can export audit events to any endpoint that ingests JSON messages via HTTP.

Next, read our guides to setting up the Event Handler plugin to export audit events to your solution of choice:

Export Teleport Audit Events with Datadog: Learn how to configure the Event Handler plugin and Fluentd (with the Datadog plugin) to export audit events to Datadog.
Monitor Teleport Audit Events with the Elastic Stack: How to configure the Event Handler plugin to forward Teleport audit logs to Logstash for ingestion in Elasticsearch so you can explore them in Kibana.
Monitor Teleport Audit Events with Splunk: How to configure the Event Handler plugin to send logs to Splunk's Universal Forwarder so you can explore your audit events in Splunk.

The Teleport Access Platform

Featured Resource

Integrations

Featured Resource

Use Cases

Featured Resource

Industries

Featured Resource

Compliance

Featured Webinar

Strategic Partners

Featured AWS Webinar

Read

Experience

Discover

Featured Blog Post

Company

Explore

Featured Webinar

Exporting Teleport Audit Events