[Openstack-operators] Audit Logging - Interested? What's missing?

Shintaro Mizuno mizuno.shintaro at lab.ntt.co.jp
Fri Nov 18 00:33:48 UTC 2016 

Hi,

We had a similar security crazy thing too, and my colleague did a LT on 
this in Barcelona.

https://youtu.be/dCKh7Gxj3wQ?t=3160

Shintaro

On 2016/11/17 21:26, George Mihaiescu wrote:
> Same need here, I want to know who changed a security group and what change was done. Just the logged POST on the API is not enough to properly audit the operation.
>
>> On Nov 16, 2016, at 19:51, Kris G. Lindgren <klindgren at godaddy.com> wrote:
>>
>> I need to do a deeper dive on audit logging.
>>
>> However, we have a requirement for when someone changes a security group that we log what the previous security group was and what the new security group is and who changed it.  I don’’t know if this is specific to our crazy security people or if others security peoples want to have this.  I am sure I can think of others.
>>
>>
>> ___________________________________________________________________
>> Kris Lindgren
>> Senior Linux Systems Engineer
>> GoDaddy
>>
>> On 11/16/16, 3:29 PM, "Tom Fifield" <tom at openstack.org> wrote:
>>
>>     Hi Ops,
>>
>>     Was chatting with Department of Defense in Australia the other day, and
>>     one of their pain points is Audit Logging. Some bits of OpenStack just
>>     don't leave enough information for proper audit. So, thought it might be
>>     a good idea to gather people who are interested to brainstorm how to get
>>     it to a good level for all :)
>>
>>     Does your cloud need good audit logging? What do you wish was there at
>>     the moment, but isn't?
>>
>>
>>     Regards,
>>
>>
>>     Tom
>>
>>     _______________________________________________
>>     OpenStack-operators mailing list
>>     OpenStack-operators at lists.openstack.org
>>     http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>>
>>
>> _______________________________________________
>> OpenStack-operators mailing list
>> OpenStack-operators at lists.openstack.org
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>


-- 
Shintaro MIZUNO (水野伸太郎)
NTT Software Innovation Center
TEL: 0422-59-4977
E-mail: mizuno.shintaro at lab.ntt.co.jp

More information about the OpenStack-operators mailing list