[GH-ISSUE #2122] Feature Request: Tactical RMM Audit Log to File in /var/log #3263

New issue

Open

opened 2026-03-14 06:59:45 +03:00 by kerem · 3 comments

kerem commented 2026-03-14 06:59:45 +03:00

Owner

Copy link

Originally created by @redanthrax on GitHub (Jan 21, 2025).
Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/2122

Originally assigned to: @wh1te909 on GitHub.

Is your feature request related to a problem? Please describe.
I need a way to scrape the audit log and store it externally.

Describe the solution you'd like
I would like the tacticalrmm audit log to log to a file in or a directory in /var/log and end with a .log extension.

Describe alternatives you've considered
Scheduling a script to pull the audit log data from the db and place the data in /var/log.

Additional context
The purpose is to scrape the data with promtail.

Originally created by @redanthrax on GitHub (Jan 21, 2025). Original GitHub issue: https://github.com/amidaware/tacticalrmm/issues/2122 Originally assigned to: @wh1te909 on GitHub. **Is your feature request related to a problem? Please describe.** I need a way to scrape the audit log and store it externally. **Describe the solution you'd like** I would like the tacticalrmm audit log to log to a file in or a directory in /var/log and end with a .log extension. **Describe alternatives you've considered** Scheduling a script to pull the audit log data from the db and place the data in /var/log. **Additional context** The purpose is to scrape the data with promtail.

kerem added the

enhancement

label 2026-03-14 06:59:45 +03:00

kerem commented 2026-03-14 06:59:55 +03:00

Author

Owner

Copy link

@wulfsystems commented on GitHub (Jul 23, 2025):

from my POV its an important featurerequest.
I for example want to check the tactical logs by splunk.

<!-- gh-comment-id:3105655642 --> @wulfsystems commented on GitHub (Jul 23, 2025): from my POV its an important featurerequest. I for example want to check the tactical logs by splunk.

kerem commented 2026-03-14 07:00:00 +03:00

Author

Owner

Copy link

@eastedentech commented on GitHub (Jan 20, 2026):

Yeah, I would like to push those logs to something like Wazuh or similar.

Or just be able to add a syslog destination so TRMM can just send the logs direct to a syslog ingestion point.

<!-- gh-comment-id:3773705188 --> @eastedentech commented on GitHub (Jan 20, 2026): Yeah, I would like to push those logs to something like Wazuh or similar. Or just be able to add a syslog destination so TRMM can just send the logs direct to a syslog ingestion point.

kerem commented 2026-03-14 07:00:06 +03:00

Author

Owner

Copy link

@bensen1 commented on GitHub (Jan 26, 2026):

Would be highly appreciated by us too! ; )

<!-- gh-comment-id:3800741345 --> @bensen1 commented on GitHub (Jan 26, 2026): Would be highly appreciated by us too! ; )

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

develop

master

1.0.0

v1.4.0

v1.3.1

v1.3.0

v1.2.0

v1.1.0

v1.0.0

v0.20.1

v0.20.0

v0.19.4

v0.19.3

v0.19.2

v0.19.1

v0.19.0

v0.18.2

v0.18.1

v0.18.0

v0.17.5

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.5

v0.16.4

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.12

v0.15.11

v0.15.10

v0.15.9

v0.15.8

v0.15.7

v0.15.6

v0.15.5

v0.15.4

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.8

v0.14.7

v0.14.6

v0.14.5

v0.14.4

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.4

v0.13.3

v0.13.2

v0.13.1

v0.13.0

v0.12.4

v0.12.3

v0.12.2

v0.12.1

v0.12.0

v0.11.3

v0.11.2

v0.11.1

v0.11.0

v0.10.5

v0.10.4

v0.10.3

v0.10.2

v0.10.1

v0.10.0

v0.9.2

v0.9.1

v0.9.0

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.32

v0.4.31

v0.4.30

v0.4.29

v0.4.28

v0.4.27

v0.4.26

v0.4.25

v0.4.24

v0.4.23

v0.4.22

v0.4.21

v0.4.20

v0.4.19

v0.4.18

v0.4.17

v0.4.16

v0.4.15

v0.4.14

v0.4.13

v0.4.12

v0.4.11

v0.4.10

v0.4.9

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.23

v0.2.22

v0.2.21

v0.2.20

v0.2.19

v0.2.18

v0.2.17

v0.2.16

v0.2.15

v0.2.14

v0.2.13

v0.2.12

v0.2.11

v0.2.10

v0.2.9

v0.2.8

v0.2.7

v0.2.6

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.8

v0.1.7

v0.1.6

v0.1.5

v0.1.4

v0.1.3

v0.1.2

v0.1.1

v0.1.0

Labels

Clear labels   

In Process

  

bug

  

bug

  

dev-triage

  

documentation

  

duplicate

  

enhancement

  

fixed

  

good first issue

  

help wanted

  

integration

  

invalid

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

requires agent update

  

security

  

ui tweak

  

wontfix

No labels

In Process

bug

bug

dev-triage

documentation

duplicate

enhancement

fixed

good first issue

help wanted

integration

invalid

pull-request

question

requires agent update

security

ui tweak

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/tacticalrmm#3263

No description provided.