Parameters
Required Parameters
Configuration File
Configuration File containing the required Authentication Keys
Example:
-i /path/to/folder/config.ini
Optional Parameters
Bookmark
For use in scripts, a bookmark function can be enabled. The last record of a run then becomes the starting point of the next run, so only records newer than the last execution are pulled.
Example:
-b,--bookmark
Query Dates
If no dates are specified, all records are queried. Start and end dates must be in ISO8601 format and may include a time. If a start date is defined, an end date is required.
Example:
--start 2018-07-05
Example:
--end 2018-07-06T00:00:00.000Z
Example:
--start 2018-07-05 --end 2018-07-06T00:00:00.000Z
Output Types
CSV
csv is an output type. If the parameter is defined, one CSV file is generated per datatype.
Example:
--csv /path/to/folder/csv/
JSON
json is an output type. If the parameter is defined, one JSON file is generated per execution.
Example:
--json /path/to/folder/json/
SYSLOG
syslog is an output type. If the parameter is defined, each record is sent to the specified host and, optionally, port. If no port is defined, 514 is used. UDP is supported.
Example:
--sysloghost 1.1.1.1
--sysloghost 2.2.2.2 --syslogport 10514
Usage Examples
To test the client and ensure the data pulls are accurate, run:
Example:
All of the records will be pulled and no data will be saved.
cd /path/to/folder
pipenv run start -i config.ini
Example:
All of the records will be pulled and saved to JSON files in /home/user/auditfiles/json/
cd /path/to/folder
pipenv run start -i config.ini --json /home/user/auditfiles/json/
Example:
All records in July 2019 will be pulled and saved to JSON files in /home/user/auditfiles/json/
cd /path/to/folder
pipenv run start -i config.ini --start 20190701 --end 20190801 --json /home/user/auditfiles/json/
Example:
All of the records will be pulled and saved to csv files in /home/user/auditfiles/csv/
cd /path/to/folder
pipenv run start -i config.ini --csv /home/user/auditfiles/csv/
Example:
All of the records will be pulled and sent to a syslog server at 1.1.1.1
cd /path/to/folder
pipenv run start -i config.ini --sysloghost 1.1.1.1
Example:
All of the records will be pulled and sent to a syslog server at 1.1.1.1 on port 10514
cd /path/to/folder
pipenv run start -i config.ini --sysloghost 1.1.1.1 --syslogport 10514
Example:
All of the records will be pulled and sent to a syslog server at 1.1.1.1 and only pull new records since the last execution.
cd /path/to/folder
pipenv run start -i config.ini --sysloghost 1.1.1.1 -b
Scripting
An example where:
- Install is located at: /var/virtru/audit/
- Task will run every minute
- Task will send data to the loopback via:
  - Syslog
  - UDP
  - Port 514
cd /var/virtru/audit/
touch run.sh
chmod +x run.sh
nano run.sh
Edit run.sh and add the following command:
/usr/local/bin/pipenv run start -i config.ini --sysloghost 127.0.0.1 -b
Edit the cron jobs:
crontab -e
Create a job that runs run.sh every minute:
*/1 * * * * /var/virtru/audit/run.sh
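A more defensive run.sh for the cron job above, as an added example (not the project's own script): it serialises runs with a lock so that a pull which outlives the minute cannot overlap the next run and race on the bookmark, and it records each run's exit status to a log. The install path, pipenv path and loopback syslog target follow the page; the lock and log locations are assumptions.

```shell
#!/bin/sh
# Cron wrapper for the audit client (added example, not the project's own script).
# Assumptions: install path, pipenv path and loopback target as in the page's example;
# lock and log locations are chosen here and can be overridden via the environment.
INSTALL_DIR="${INSTALL_DIR:-/var/virtru/audit}"
PIPENV="${PIPENV:-/usr/local/bin/pipenv}"
SYSLOG_HOST="${SYSLOG_HOST:-127.0.0.1}"
SYSLOG_PORT="${SYSLOG_PORT:-514}"
LOCK_DIR="${LOCK_DIR:-/tmp/virtru-audit.lock}"    # assumed lock location
LOG_FILE="${LOG_FILE:-/var/log/virtru-audit.log}" # assumed log location

# Assemble the client command line with the bookmark enabled. 514 is the
# client's default port, so it is only passed when a different port is set.
build_cmd() {
  _cmd="$PIPENV run start -i config.ini --sysloghost $1 -b"
  [ "$2" != "514" ] && _cmd="$_cmd --syslogport $2"
  printf '%s' "$_cmd"
}

# Run one pull. The mkdir lock is atomic and portable: if a previous run is
# still active (the lock directory exists), skip this minute and return 3
# instead of starting a second client that would race on the bookmark.
run_once() {
  if ! mkdir "$LOCK_DIR" 2>/dev/null; then
    echo "$(date -u +%Y-%m-%dT%H:%M:%SZ) previous run still active, skipping" >>"$LOG_FILE"
    return 3
  fi
  _rc=0
  ( cd "$INSTALL_DIR" && $(build_cmd "$SYSLOG_HOST" "$SYSLOG_PORT") ) >>"$LOG_FILE" 2>&1 || _rc=$?
  echo "$(date -u +%Y-%m-%dT%H:%M:%SZ) exit=$_rc" >>"$LOG_FILE"
  rmdir "$LOCK_DIR"
  return $_rc
}

# When executed as run.sh (for example from cron) do one run; when sourced
# from another script only the functions are defined.
case "$(basename "$0")" in run.sh) run_once ;; esac
```

A non-zero exit= line in the log, or repeated "skipping" lines, is the signal to check the client or widen the cron interval.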