[keystone][swift] audit logs
sharath.madhava at gmail.com
Mon May 23 06:33:48 UTC 2022
Hi Pete, everyone,
Kindly confirm the audit support for Swift. If there is a document with a
support matrix for keystone audit middleware, It will help a lot. Kindly
point to any supporting document.
On Thu, May 19, 2022 at 8:57 PM Sharath Ck <sharath.madhava at gmail.com>
> Hi Pete,
> That’s correct. Audit map file path is picked from proxy_server.conf but
> notification details are not. Is this a known issue? Or Audit is not
> supported in Swift ?
> On Thu, 19 May 2022 at 8:53 PM, Pete Zaitcev <zaitcev at redhat.com> wrote:
>> I looked briefly at keystonemiddleware.audit here
>> And I highly doubt that it can work in Swift's pipeline.
>> For one thing, it gets its configuration with oslo_config,
>> and I don't know if that's compatible.
>> -- Pete
>> On Wed, 18 May 2022 13:59:50 +0530
>> Sharath Ck <sharath.madhava at gmail.com> wrote:
>> > Hi,
>> > I am currently trying to add keystone audit middleware in Swift.
>> > is managed in swift proxy server, hence I have added the audit filter in
>> > proxy server conf and have mentioned audit_middleware_notifications
>> > as log in swift.conf .
>> > I can see REST API call flow reaching audit middleware and constructing
>> > audit event with minimal data as Swift is not loading service catalog
>> > information. But the audit event is not getting notified as per
>> > audit_middleware_notifications. I tried adding
>> > with the driver as log, but audit events are not getting notified.
>> > Below are the changes in swift_proxy_server container,
>> > proxy-server.conf
>> > [pipeline:main]
>> > pipeline = catch_errors gatekeeper healthcheck cache container_sync bulk
>> > tempurl ratelimit formpost authtoken keystoneauth audit container_quotas
>> > account_quotas slo dlo keymaster encryption proxy-server
>> > [filter:audit]
>> > paste.filter_factory = keystonemiddleware.audit:filter_factory
>> > audit_map_file = /etc/swift/api_audit_map.conf
>> > swift.conf
>> > [oslo_messaging_notifications]
>> > driver = log
>> > [audit_middleware_notifications]
>> > driver = log
>> > Kindly confirm whether the configuration changes are enough or need more
>> > changes.
>> > Regards,
>> > Sharath
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openstack-discuss