Bug 1650543

Summary: Excessive logging of OpenScap report via Rails
Product: Red Hat Satellite Reporter: Lukas Zapletal <lzap>
Component: LoggingAssignee: satellite6-bugs <satellite6-bugs>
Status: CLOSED ERRATA QA Contact: Stephen Wadeley <swadeley>
Severity: high Docs Contact:
Priority: high    
Version: 6.4.0CC: anrussel, egolov, ktordeur, lzap, mayadav, mmccune, oprazak, patalber, pmoravec, rbertolj, roarora, viggiani, vwariyal
Target Milestone: 6.5.0Keywords: Triaged
Target Release: Unused   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: tfm-rubygem-foreman_openscap-0.11.0-1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-05-14 12:38:50 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
downloading scap content with debug logs xml none

Comment 1 Lukas Zapletal 2018-11-16 13:13:46 UTC 
Created redmine issue https://projects.theforeman.org/issues/25482 from this bug
Comment 2 Lukas Zapletal 2018-11-16 13:58:46 UTC 
Hotfixing an existing instance is easy, just add the two new files into /usr/share/foreman and restart httpd:

https://github.com/theforeman/foreman/pull/6252/files
Comment 5 Lukas Zapletal 2018-11-16 14:50:03 UTC 
The issue https://projects.theforeman.org/issues/21127 is somehow related but a different bug actually.
Comment 6 Lukas Zapletal 2018-11-19 08:45:01 UTC 
REL-ENG: There are two possible solutions:

1) Patch in core

2) Patch only for OpenSCAP plugin

I don't know yet which one gets merged upstream, cherry pick one or another please. It is possible that both are accepted as well, in that case only merge the OpenSCAP one.
Comment 7 Lukas Zapletal 2018-11-19 11:08:18 UTC 
Please cherry pick the OpenSCAP patch only:

https://projects.theforeman.org/issues/21127

Let's keep the changes in core upstream only.
Comment 8 Evgeni Golov 2018-11-19 15:12:22 UTC 
(In reply to Lukas Zapletal from comment #7)
> Please cherry pick the OpenSCAP patch only:
> 
> https://projects.theforeman.org/issues/21127
> 
> Let's keep the changes in core upstream only.

Just to double check, pulling in https://projects.theforeman.org/issues/21127 (which already have, as we have foreman_openscap 0.11.1) is sufficient to fix this BZ?

If it is, then I think the other redmine issue should be unlinked here.
Comment 9 Lukas Zapletal 2018-11-20 08:39:28 UTC 
Yes, for 6.5 the bug is actually fixed (foreman_openscap 0.11.0 or older).

For 6.4 we need to cherry pick. I guess we can remove the ACK for 6.5? Not sure what is the process in this case.
Comment 10 Evgeni Golov 2018-11-20 16:42:19 UTC 
Cool, so marking as built in 6.5

For 6.4, someone (Mike?) will need to clone this properly, as this BZ is for 6.5.
Comment 16 Ondřej Pražák 2019-01-03 08:40:34 UTC 
There are 2 endpoints with excessive logging: 

* uploading reports to server as originally reported here by lzap.
Reproducer is to upload a report by running foreman_scap_client and observe the foreman logs. Large amount of data should no longer be seen in logs when report is uploaded.

* downloading scap content as xml
change logging level to debug
download scap content as xml - there should be no xml in logs

I expect both of these to be fixed, though the second one is not too critical for production, because the logging is on info level by default.
Comment 17 Ondřej Pražák 2019-01-03 08:41:22 UTC 
Created attachment 1518095 [details]
downloading scap content with debug logs xml
Comment 27 Lukas Zapletal 2019-04-24 14:34:12 UTC 
For googlers:

There is actually a possible workaround for Satellite 6.4, a patch which I created for Rails and then for Foreman which sends all parameter logs into separate logger called "params" which can be then disabled. However the patch did not make it both into Rails or Foreman and Satellite 6.5 already contains a different solution for OpenSCAP. But the patch is easy to apply:

https://github.com/theforeman/foreman/pull/6252/files
Comment 30 errata-xmlrpc 2019-05-14 12:38:50 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2019:1222
Comment 33 Mimmus 2020-08-04 16:01:48 UTC 
(In reply to Lukas Zapletal from comment #27)
> For googlers:
> 
> There is actually a possible workaround for Satellite 6.4, a patch which I
> created for Rails and then for Foreman which sends all parameter logs into
> separate logger called "params" which can be then disabled. However the
> patch did not make it both into Rails or Foreman and Satellite 6.5 already
> contains a different solution for OpenSCAP. But the patch is easy to apply:
> 
> https://github.com/theforeman/foreman/pull/6252/files

We still are at 6.4 (on the path from 6.3 to 6.5) and used your workaround to solve the problem of arf reports in production.log