Feature #7988
Logs: Log every administrative action taken by a user
% Done:
0%
Source:
Support
Tags:
Backport:
Reviewed:
Affected Versions:
Pull request ID:
Description
Many enterprise users have strict security policies which require that all events generated by a user are explicitly logged, so audits can be performed to detect for signs of malicious or accidental behavior.
The events can be logged to syslog as normal but need to be clearly marked as user actions, as opposed to automatic events generated by the software.
- As a security admin, I want to review the Ceph logs to see what actions a specific user took at a certain time.
Associated revisions
mon: Monitor: log every administrative action in an 'audit log'
Fixes: #7988
Signed-off-by: Joao Eduardo Luis <joao.luis@inktank.com>
History
#1 Updated by Neil Levine over 5 years ago
- Target version set to 0.83
#2 Updated by Sage Weil over 5 years ago
- Target version changed from 0.83 to 0.83 cont.
#3 Updated by Joao Eduardo Luis over 5 years ago
- Assignee set to Joao Eduardo Luis
#4 Updated by Neil Levine over 5 years ago
- Target version changed from 0.83 cont. to 0.84
#5 Updated by Joao Eduardo Luis over 5 years ago
- Status changed from 12 to Fix Under Review
#6 Updated by Joao Eduardo Luis over 5 years ago
as per Neil's request, this is what will be logged to syslog:
mon.0 127.0.0.1:6789/0 3 : from='client.? 127.0.0.1:0/1021037' entity='client.admin' cmd=[{"prefix": "health"}]: dispatch mon.0 127.0.0.1:6789/0 4 : from='client.? 127.0.0.1:0/1022845' entity='client.admin' cmd=[{"prefix": "log", "logtext": ["foo"]}]: dispatch mon.0 127.0.0.1:6789/0 5 : from='client.? 127.0.0.1:0/1022845' entity='client.admin' cmd=[{"prefix": "log", "logtext": ["foo"]}]: finished mon.0 127.0.0.1:6789/0 6 : from='client.? 127.0.0.1:0/1023184' entity='client.admin' cmd=[{"prefix": "auth get-or-create", "entity": "client.foo"}]: dispatch mon.0 127.0.0.1:6789/0 7 : from='client.? 127.0.0.1:0/1023184' entity='client.admin' cmd=[{"prefix": "auth get-or-create", "entity": "client.foo"}]: finished
#7 Updated by Joao Eduardo Luis over 5 years ago
- Target version changed from 0.84 to 0.85
#8 Updated by Joao Eduardo Luis over 5 years ago
- Subject changed from Logs: Log every administrative action taken by a user to Logs: Log every administrative action taken by a user
- Status changed from Fix Under Review to In Progress
#9 Updated by Samuel Just over 5 years ago
- Target version changed from 0.85 to 0.85 cont.
#10 Updated by Ian Colle over 5 years ago
- Target version changed from 0.85 cont. to 0.86
#11 Updated by Sage Weil over 5 years ago
- Status changed from In Progress to Resolved