Ceph » RADOS

I expect that all setting changes will show up in the audit log (based on https://access.redhat.com/documentation/en-us/red_hat_ceph_storage/3/html-single/data_security_and_hardening_guide/index#auditing-administrator-actions-security). However, this setting doesn't show up there.

The impact was that our monitoring started showing warnings after a coworker set that setting to true. I spent a couple of hours trying to understand how it got flipped from false, which is the default in our deployments. It would have been great help to see it in the audit log, but even worse, when I didn't see it there I assumed the change was coming from somewhere else.

Once I know what was going on, I was able to find the setting change in the /var/log/ceph/ceph-mon.* log files for a different Ceph node than the one I was logged on. The advantage of the audit log is that it's the same in all nodes.