Is it possible to set up alerts via email for admin activities such as a change in group membership or permission scheme?
We using Rapid 7 as a SIEM tool so perhaps there's a way of sending the logs to that? Tried googling a few suggestions but 99.9% of the results are always to do with how to configure alerts for projects and issues.
Thanks
Dear @Martin ,
if Rapid 7 can talk 'REST', you can pull this information form the audit log endpoint. Then alerting is a piece of cake.
So long
Thomas
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.