Project

General

Profile

Actions
Copy link

Feature #7988

closed

Logs: Log every administrative action taken by a user

Added by Neil Levine about 10 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Joao Eduardo Luis
Category:
-
Target version:
0.86
% Done:

0%

Source:
Support
Tags:
Backport:
Reviewed:
Affected Versions:
Pull request ID:

Description

Many enterprise users have strict security policies which require that all events generated by a user are explicitly logged, so audits can be performed to detect for signs of malicious or accidental behavior.

The events can be logged to syslog as normal but need to be clearly marked as user actions, as opposed to automatic events generated by the software.

  • As a security admin, I want to review the Ceph logs to see what actions a specific user took at a certain time.
Actions
Copy link
 #1

Updated by Neil Levine almost 10 years ago

  • Target version set to 0.83
Actions
Copy link
 #2

Updated by Sage Weil almost 10 years ago

  • Target version changed from 0.83 to 0.83 cont.
Actions
Copy link
 #3

Updated by Joao Eduardo Luis almost 10 years ago

  • Assignee set to Joao Eduardo Luis
Actions
Copy link
 #4

Updated by Neil Levine almost 10 years ago

  • Target version changed from 0.83 cont. to 0.84
Actions
Copy link
 #5

Updated by Joao Eduardo Luis almost 10 years ago

  • Status changed from 12 to Fix Under Review
Actions
Copy link
 #6

Updated by Joao Eduardo Luis almost 10 years ago

as per Neil's request, this is what will be logged to syslog:

mon.0 127.0.0.1:6789/0 3 : from='client.? 127.0.0.1:0/1021037' entity='client.admin' cmd=[{"prefix": "health"}]: dispatch
mon.0 127.0.0.1:6789/0 4 : from='client.? 127.0.0.1:0/1022845' entity='client.admin' cmd=[{"prefix": "log", "logtext": ["foo"]}]: dispatch
mon.0 127.0.0.1:6789/0 5 : from='client.? 127.0.0.1:0/1022845' entity='client.admin' cmd=[{"prefix": "log", "logtext": ["foo"]}]: finished
mon.0 127.0.0.1:6789/0 6 : from='client.? 127.0.0.1:0/1023184' entity='client.admin' cmd=[{"prefix": "auth get-or-create", "entity": "client.foo"}]: dispatch
mon.0 127.0.0.1:6789/0 7 : from='client.? 127.0.0.1:0/1023184' entity='client.admin' cmd=[{"prefix": "auth get-or-create", "entity": "client.foo"}]: finished
Actions
Copy link
 #7

Updated by Joao Eduardo Luis almost 10 years ago

  • Target version changed from 0.84 to 0.85
Actions
Copy link
 #8

Updated by Joao Eduardo Luis almost 10 years ago

  • Subject changed from Logs: Log every administrative action taken by a user to Logs: Log every administrative action taken by a user
  • Status changed from Fix Under Review to In Progress
Actions
Copy link
 #9

Updated by Samuel Just over 9 years ago

  • Target version changed from 0.85 to 0.85 cont.
Actions
Copy link
 #10

Updated by Ian Colle over 9 years ago

  • Target version changed from 0.85 cont. to 0.86
Actions
Copy link
 #11

Updated by Sage Weil over 9 years ago

  • Status changed from In Progress to Resolved
Actions
Copy link

Also available in: Atom PDF