[Openstack] [OpenStack][Neutron] configuring keystone middleware audit?

Kevin Benton blak111 at gmail.com
Sat Jul 18 07:56:30 UTC 2015 

I'm not familiar with that keystone middleware audit filter. How is that
map file supposed to work? The entries don't seem to make sense to me, some
are just plural mappings while others are completely different or map to
None.

On Fri, Jul 17, 2015 at 5:29 PM, John Stanford <john at solinea.com> wrote:

> Hi,
>
> Sorry about the resend, but subjects are good...
>
> I’ve been trying to get the API audit data flowing based on this document:
>
> http://docs.openstack.org/developer/keystonemiddleware/audit.html
>
> So far, I’ve been able to get nova, cinder, and glance to do the right
> thing,
> but neutron doesn’t seem to want to play. I am getting some events through
> to ceilometer.  For example, when I create a port, I get a start and end
> event similar to this:
>
> {
>    "_index": "events_2015-07-17",
>    "_type": "port.create.end",
>    "_id": "e1dbf819-3e77-4357-b8db-83a359ef7cd9",
>    "raw": { },
>    "timestamp": "2015-07-17T23:10:37.846477",
>    "traits": {
>         "user_id": "e70fcebd828349ca8f1393e62ac87756",
>         "service": "network.myhost.com",
>         "resource_id": "09c1388a-59fe-49e9-bb17-fb353fd8dd3a",
>         "tenant_id": "970f2364df174040862210c9185c80ce",
>         "request_id": "req-3e2722e6-1903-477c-9523-2e4926caa6fb",
>         "project_id": "970f2364df174040862210c9185c80ce"
> }
>
> For other services, I’ll see a CADF formatted http.request.audit event.
>
> Here are the edits I’ve made to /etc/neutron/api-paste.ini file:
>
> # added the audit filter to the keystone pipeline after authtoken
> [composite:neutronapi_v2_0]
> use = call:neutron.auth:pipeline_factory
> noauth = request_id catch_errors extensions neutronapiapp_v2_0
> keystone = request_id catch_errors authtoken keystonecontext audit
> extensions neutronapiapp_v2_0
>
>
> # added the audit filter
> [filter:audit]
> paste.filter_factory = keystonemiddleware.audit:filter_factory
> audit_map_file = /etc/neutron/neutron_api_audit_map.conf
>
> The map file is snagged from here:
>
>
> https://github.com/openstack/pycadf/blob/master/etc/pycadf/neutron_api_audit_map.conf
>
> Any suggestions, war stories, requests for more detail, etc. are greatly
> appreciated.
>
>
> Thanks,
> John
> @jxstanford
>
>
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>



-- 
Kevin Benton
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150718/c74b5a60/attachment.html>

More information about the Openstack mailing list