Bug 1268750 - Central Logging of user activity for openstack resources.
Central Logging of user activity for openstack resources.
Status: CLOSED CURRENTRELEASE
Product: Red Hat OpenStack
Classification: Red Hat
Component: RFEs (Show other bugs)
6.0 (Juno)
All Linux
unspecified Severity medium
: ---
: ---
Assigned To: RHOS Maint
: FutureFeature, ZStream
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-10-05 03:14 EDT by Pratik Pravin Bandarkar
Modified: 2017-07-17 11:24 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2017-07-17 11:24:46 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Pratik Pravin Bandarkar 2015-10-05 03:14:07 EDT
1. Proposed title of this feature request  
  Central Logging of user activity for Open Stack resources.

3. What is the nature and description of the request?  
  Currently when a user executes a command either by Horizon UI or via REST API very few actions are logged properly against the user.  Even the logging of the start/stop is only done by libvirt on the hypervisor.

 While you can pull up activity via "nova instance-action-list" and this is very helpful from a forensics point of view. 

For detailed auditing and monitoring of actions interactive executing commands will not be used, but instead, log files stream sent to a central monitoring/logging/audit faqcility.  The primary issue is security analytics is done using LOG data and very little of OS user activity is properly and accurately logged to the various log files.
Comment 3 Lars Kellogg-Stedman 2017-07-17 11:24:46 EDT
We deliver support for centralized logging with OSP 11. If individual services are not logging necessary metadata (such as the user that initiated a request), that should probably be handled as an RFE against the individual service.

Note You need to log in before you can comment on or make changes to this bug.