[Openstack-operators] Audit Logging - Interested? What's missing?
George Mihaiescu
lmihaiescu at gmail.com
Thu Nov 17 12:26:53 UTC 2016
Same need here, I want to know who changed a security group and what change was done. Just the logged POST on the API is not enough to properly audit the operation.
> On Nov 16, 2016, at 19:51, Kris G. Lindgren <klindgren at godaddy.com> wrote:
>
> I need to do a deeper dive on audit logging.
>
> However, we have a requirement for when someone changes a security group that we log what the previous security group was and what the new security group is and who changed it. I don’’t know if this is specific to our crazy security people or if others security peoples want to have this. I am sure I can think of others.
>
>
> ___________________________________________________________________
> Kris Lindgren
> Senior Linux Systems Engineer
> GoDaddy
>
> On 11/16/16, 3:29 PM, "Tom Fifield" <tom at openstack.org> wrote:
>
> Hi Ops,
>
> Was chatting with Department of Defense in Australia the other day, and
> one of their pain points is Audit Logging. Some bits of OpenStack just
> don't leave enough information for proper audit. So, thought it might be
> a good idea to gather people who are interested to brainstorm how to get
> it to a good level for all :)
>
> Does your cloud need good audit logging? What do you wish was there at
> the moment, but isn't?
>
>
> Regards,
>
>
> Tom
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
>
>
> _______________________________________________
> OpenStack-operators mailing list
> OpenStack-operators at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
More information about the OpenStack-operators
mailing list