[keystone][swift] audit logs
zaitcev at redhat.com
Thu May 19 15:23:14 UTC 2022
I looked briefly at keystonemiddleware.audit here
And I highly doubt that it can work in Swift's pipeline.
For one thing, it gets its configuration with oslo_config,
and I don't know if that's compatible.
On Wed, 18 May 2022 13:59:50 +0530
Sharath Ck <sharath.madhava at gmail.com> wrote:
> I am currently trying to add keystone audit middleware in Swift. Middleware
> is managed in swift proxy server, hence I have added the audit filter in
> proxy server conf and have mentioned audit_middleware_notifications driver
> as log in swift.conf .
> I can see REST API call flow reaching audit middleware and constructing the
> audit event with minimal data as Swift is not loading service catalog
> information. But the audit event is not getting notified as per
> audit_middleware_notifications. I tried adding oslo_messaging_notifications
> with the driver as log, but audit events are not getting notified.
> Below are the changes in swift_proxy_server container,
> pipeline = catch_errors gatekeeper healthcheck cache container_sync bulk
> tempurl ratelimit formpost authtoken keystoneauth audit container_quotas
> account_quotas slo dlo keymaster encryption proxy-server
> paste.filter_factory = keystonemiddleware.audit:filter_factory
> audit_map_file = /etc/swift/api_audit_map.conf
> driver = log
> driver = log
> Kindly confirm whether the configuration changes are enough or need more
More information about the openstack-discuss