Bug 1268750

Summary: Central Logging of user activity for openstack resources.
Product: Red Hat OpenStack Reporter: Pratik Pravin Bandarkar <pbandark>
Component: RFEsAssignee: RHOS Maint <rhos-maint>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: unspecified    
Version: 6.0 (Juno)CC: cshastri, jschluet, lars, markmc, mburns, srevivo
Target Milestone: ---Keywords: FutureFeature, ZStream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-07-17 15:24:46 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Pratik Pravin Bandarkar 2015-10-05 07:14:07 UTC
1. Proposed title of this feature request  
  Central Logging of user activity for Open Stack resources.

3. What is the nature and description of the request?  
  Currently when a user executes a command either by Horizon UI or via REST API very few actions are logged properly against the user.  Even the logging of the start/stop is only done by libvirt on the hypervisor.

 While you can pull up activity via "nova instance-action-list" and this is very helpful from a forensics point of view. 

For detailed auditing and monitoring of actions interactive executing commands will not be used, but instead, log files stream sent to a central monitoring/logging/audit faqcility.  The primary issue is security analytics is done using LOG data and very little of OS user activity is properly and accurately logged to the various log files.

Comment 3 Lars Kellogg-Stedman 2017-07-17 15:24:46 UTC
We deliver support for centralized logging with OSP 11. If individual services are not logging necessary metadata (such as the user that initiated a request), that should probably be handled as an RFE against the individual service.