[Openstack] Audit Trail
Kieran Evans
keyz182 at gmail.com
Thu Mar 8 15:50:40 UTC 2012
This could be an issue auditing failed requests, i.e. when unauthorised requests are made against an api, if I understand correctly, those would be dropped before being put on the queue.
Also, I thought that if written as a middleware wsgi component, no modification of the existing code would be necessary, it would just be a change in a config file. Or am I misunderstanding again?
/Kieran
On 8 Mar 2012, at 02:01, heut2008 wrote:
> May be get user actions from message queue is more efficient,also,in this way,you need not change the nova code.
>
> 2012/3/7 Kieran Evans <keyz182 at gmail.com>
> Hi There,
>
> I'm looking at implementing some form of Auditing/logging for various components, with the main aim of having a full audit trail of all user actions, for various legal, and general troubleshooting/support purposes.
>
> Firstly, I'm wondering if there's already an implementation of something like this, or an effort towards it. I've had a look, but didn't see anything relevant.
>
> Secondly, I'm trying to work out the best approach to this. My first guess would be a WSGI middleware on all the APIs that logs every request, either to a message queue for log service to pull and put into a DB, or put it directly into a DB.
>
> If done as middleware, I envisage it being quite a simple, lightweight one, as it only has to pull the needed data from the request before sending it on.
>
> Any and all comments are welcome, I stumbled onto this idea this morning, so I've only had a few hours thinking about it while working on other things.
>
> Thanks
> /Kieran
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to : openstack at lists.launchpad.net
> Unsubscribe : https://launchpad.net/~openstack
> More help : https://help.launchpad.net/ListHelp
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20120308/aea97de6/attachment.html>
More information about the Openstack
mailing list