Configure audit log export via API

Open the CLI.
Create a virtual environment:
```
python3 -m venv .venv
```
Activate the virtual environment:
```
source .venv/bin/activate
```
Go to the script directory:
```
cd auditlog-integration
```
Install the necessary dependencies:
```
pip3 install -r requirements.txt
```
Create a .env configuration file:
```
touch .env
```
Open the .env configuration file:
```
nano .env
```
Fill in the .env configuration file:

8.1. Add a block with parameters for authenticating to the Audit Logs service API:
```
AUDIT_LOGS_URL=<base_url>/v1/logs
USERNAME=<username>
PASSWORD=<password>
ACCOUNT_ID=<account_id>
```
Specify:
- <base_url> — the URL for accessing the audit logs API in the required pool. See the list of URLs in the List of URLs guide;
- <username> — the name of the service user you created at step 1;
- <password> — the service user password. If the password contains [ ] \ ^ $. |? * + () characters, escape them by placing a backslash \ before the character;
- <account_id> — account ID, which can be viewed in the Control Panel in the top-right corner.
8.2. Add a block with event delivery parameters:
```
TRANSPORT_TYPE=file
```
By default, logs are saved to the script directory in the events.txt file.

8.3. Add a line with the API polling interval:
```
POLL_INTERVAL=<poll_interval>
```
Specify <poll_interval> — the API polling interval in seconds (default is 30).

8.4. Exit the file while saving changes by pressing Ctrl+X → Y → Enter.

8.5. Optional: change the file name where logs are saved. To do this, in the script folder in the savers.py file, within the class FileSaver block, change the value in the self.filename field.
Run the script:
```
python3 main.py
```

Open the CLI.
Create a virtual environment:
```
python3 -m venv .venv
```
Activate the virtual environment:
```
source .venv/bin/activate
```
Go to the script directory:
```
cd auditlog-integration
```
Install the necessary dependencies:
```
pip3 install -r requirements.txt
```
Create a .env configuration file:
```
touch .env
```
Open the .env configuration file:
```
nano .env
```
Fill in the .env configuration file:

8.1. Add a block with parameters for authenticating to the Audit Logs service API:
```
AUDIT_LOGS_URL=<base_url>/v1/logs
USERNAME=<username>
PASSWORD=<password>
ACCOUNT_ID=<account_id>
```
Specify:
- <base_url> — the URL for accessing the audit logs API in the required pool. See the list of URLs in the List of URLs guide;
- <username> — the name of the service user you created at step 1;
- <password> — the service user password. If the password contains [ ] \ ^ $. |? * + () characters, escape them by placing a backslash \ before the character;
- <account_id> — account ID, which can be viewed in the Control Panel in the top-right corner.
8.2. Add a block with event delivery parameters:
```
TRANSPORT_TYPE=syslog
SYSLOG_HOST=<syslog_host>
SYSLOG_PORT=<syslog_port>
```
Specify:
- <syslog_host> — the IP address of the SIEM system;
- <syslog_port> — the port on the specified IP address.
The IP address and port can be found in your SIEM system settings.

8.3. Add a line with the API polling interval:
```
POLL_INTERVAL=<poll_interval>
```
Specify <poll_interval> — the API polling interval in seconds (default is 30).

8.4. Exit the file while saving changes by pressing Ctrl+X → Y → Enter.
Run the script:
```
python3 main.py
```

Open the CLI.
Create a virtual environment:
```
python3 -m venv .venv
```
Activate the virtual environment:
```
source .venv/bin/activate
```
Go to the script directory:
```
cd auditlog-integration
```
Install the necessary dependencies:
```
pip3 install -r requirements.txt
```
Create a .env configuration file:
```
touch .env
```
Open the .env configuration file:
```
nano .env
```
Fill in the .env configuration file:

8.1. Add a block with parameters for authenticating to the Audit Logs service API:
```
AUDIT_LOGS_URL=<base_url>/v1/logs
USERNAME=<username>
PASSWORD=<password>
ACCOUNT_ID=<account_id>
```
Specify:
- <base_url> — the URL for accessing the audit logs API in the required pool. See the list of URLs in the List of URLs guide;
- <username> — the name of the service user you created at step 1;
- <password> — the service user password. If the password contains [ ] \ ^ $. |? * + () characters, escape them by placing a backslash \ before the character;
- <account_id> — account ID, which can be viewed in the Control Panel in the top-right corner.
8.2. Add a block with event delivery parameters:
```
TRANSPORT_TYPE=http
HTTP_URL=<http_url>
HTTP_USERNAME=<http_username>
HTTP_PASSWORD=<http_password>
HTTP_VERIFY_SSL=<verify_ssl>
```
Specify:
- <http_url> — the URL of the endpoint where the SIEM system receives logs;
- <http_username> — the SIEM system user name;
- <http_password> — the SIEM system user password;
- <verify_ssl> — whether to verify the TLS(SSL) certificate when connecting to the SIEM system: true — enable verification, false — disable verification.
8.3. Add a line with the API polling interval:
```
POLL_INTERVAL=<poll_interval>
```
Specify <poll_interval> — the API polling interval in seconds (default is 30).

8.4. Exit the file while saving changes by pressing Ctrl+X → Y → Enter.
Run the script:
```
python3 main.py
```

1. Create a service user

2. Get an account IAM token

3. Get the script for exporting audit logs to a SIEM system

4. Configure and run the script