Open Stack

On Wed, Oct 3, 2012 at 5:42 AM, Pitucha, Stanislaw Izaak
<stanislaw.pitucha at hp.com> wrote:
...> - Add a system similar to notifications, but for auditable events - who did
> what with which resource at what time - in some semi-structured way that
> allows reviewing and summaries (basic information as separate columns + a
> description as a text message). I saw there was some blueprint for a
> cloudaudit api
> (https://blueprints.launchpad.net/openstack-common/+spec/cloud-audit-api),
> but not much happened with it for a year, so I'm assuming it's dead now.

There is a django implementation of an audit API at
https://launchpad.net/auditor/ (also on pypi) - this was written for
precisely the use case you describe - to let auditing be done in a
freeform way, to let tools query the audit history, and to let it be
used from heterogeneous services. Does it fit your needs?

> This would allow both proper cleanup of the data and retention of what's
> really necessary. It would also make it possible to use unique constraints
> where they're really needed (mainly IP descriptions) to prevent silly
> mistakes.
>
> Any additional external processing of deleted records would be easier to do
> because the database trigger could be just set on the delete action.
> Thoughts, comments and critique welcome :) Let me know what you think about
> these issues.

+1 on the whole thing :)

-Rob