Bug 1268750 - Central Logging of user activity for openstack resources.
Summary: Central Logging of user activity for openstack resources.
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat OpenStack
Classification: Red Hat
Component: RFEs
Version: 6.0 (Juno)
Hardware: All
OS: Linux
unspecified
medium
Target Milestone: ---
: ---
Assignee: RHOS Maint
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-10-05 07:14 UTC by Pratik Pravin Bandarkar
Modified: 2017-07-17 15:24 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-07-17 15:24:46 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Pratik Pravin Bandarkar 2015-10-05 07:14:07 UTC
1. Proposed title of this feature request  
  Central Logging of user activity for Open Stack resources.

3. What is the nature and description of the request?  
  Currently when a user executes a command either by Horizon UI or via REST API very few actions are logged properly against the user.  Even the logging of the start/stop is only done by libvirt on the hypervisor.

 While you can pull up activity via "nova instance-action-list" and this is very helpful from a forensics point of view. 

For detailed auditing and monitoring of actions interactive executing commands will not be used, but instead, log files stream sent to a central monitoring/logging/audit faqcility.  The primary issue is security analytics is done using LOG data and very little of OS user activity is properly and accurately logged to the various log files.

Comment 3 Lars Kellogg-Stedman 2017-07-17 15:24:46 UTC
We deliver support for centralized logging with OSP 11. If individual services are not logging necessary metadata (such as the user that initiated a request), that should probably be handled as an RFE against the individual service.


Note You need to log in before you can comment on or make changes to this bug.