Feature #7988
closed
Logs: Log every administrative action taken by a user
Added by Neil Levine about 10 years ago.
Updated over 9 years ago.
Description
Many enterprise users have strict security policies which require that all events generated by a user are explicitly logged, so audits can be performed to detect for signs of malicious or accidental behavior.
The events can be logged to syslog as normal but need to be clearly marked as user actions, as opposed to automatic events generated by the software.
- As a security admin, I want to review the Ceph logs to see what actions a specific user took at a certain time.
- Target version set to 0.83
- Target version changed from 0.83 to 0.83 cont.
- Assignee set to Joao Eduardo Luis
- Target version changed from 0.83 cont. to 0.84
- Status changed from 12 to Fix Under Review
as per Neil's request, this is what will be logged to syslog:
mon.0 127.0.0.1:6789/0 3 : from='client.? 127.0.0.1:0/1021037' entity='client.admin' cmd=[{"prefix": "health"}]: dispatch
mon.0 127.0.0.1:6789/0 4 : from='client.? 127.0.0.1:0/1022845' entity='client.admin' cmd=[{"prefix": "log", "logtext": ["foo"]}]: dispatch
mon.0 127.0.0.1:6789/0 5 : from='client.? 127.0.0.1:0/1022845' entity='client.admin' cmd=[{"prefix": "log", "logtext": ["foo"]}]: finished
mon.0 127.0.0.1:6789/0 6 : from='client.? 127.0.0.1:0/1023184' entity='client.admin' cmd=[{"prefix": "auth get-or-create", "entity": "client.foo"}]: dispatch
mon.0 127.0.0.1:6789/0 7 : from='client.? 127.0.0.1:0/1023184' entity='client.admin' cmd=[{"prefix": "auth get-or-create", "entity": "client.foo"}]: finished
- Target version changed from 0.84 to 0.85
- Subject changed from Logs: Log every administrative action taken by a user to Logs: Log every administrative action taken by a user
- Status changed from Fix Under Review to In Progress
- Target version changed from 0.85 to 0.85 cont.
- Target version changed from 0.85 cont. to 0.86
- Status changed from In Progress to Resolved
Also available in: Atom
PDF