1528166 – Log source IP and port on requests to the authorization module

Bug 1528166 - Log source IP and port on requests to the authorization module

Summary: Log source IP and port on requests to the authorization module

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	ovirt-provider-ovn
Classification:	oVirt
Component:	provider
Sub Component:
Version:	unspecified
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	medium
Target Milestone:	ovirt-4.2.1
Target Release:	---
Assignee:	Dominik Holler
QA Contact:	Mor
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-12-21 07:31 UTC by Mor
Modified:	2018-02-12 11:48 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Doc Type:	No Doc Update
Doc Text:	undefined
Clone Of:
Environment:
Last Closed:	2018-02-12 11:48:54 UTC
oVirt Team:	Network
Embargoed:
Flags:	rule-engine: ovirt-4.2+ ylavi: exception+

Attachments	(Terms of Use)
logs (544.74 KB, application/octet-stream) 2017-12-21 07:31 UTC, Mor	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
oVirt gerrit	85634	0	master	MERGED	Add client IP address to log	2018-01-03 12:18:48 UTC
oVirt gerrit	85644	0	master	MERGED	Log auth requests to engine	2018-01-05 09:25:22 UTC

Description Mor 2017-12-21 07:31:27 UTC

Created attachment 1370751 [details]
logs

Description of problem:
We currently do not log the IP address of client requests to the authorization module (in ovirt-provider-ovn.log). It is hard to track the source of the requests without looking at client side logs. I suggest adding a log for each message that can be linked to client sessions. For example: <DATE> <TIME> [<CLIENT_IP, CLIENT_SOURCE_PORT>] <MSG_TYPE> : <MSG>

Version-Release number of selected component (if applicable):
ovirt-provider-ovn-1.2.2-1.el7ev.noarch

How reproducible:
100%

Steps to Reproduce:
1. Request a token and use it to send request to the provider (GET, POST, etc.)

Actual results:
2017-12-20 20:09:57,053   Starting server
2017-12-20 20:09:57,053   Version: 1.2.2-1
2017-12-20 20:09:57,054   Build date: 20171212155302
2017-12-20 20:09:57,054   Githash: c2d4257
2017-12-20 20:19:00,638   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:00,776   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:12,868   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:13,246   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:13,981   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:14,148   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:14,295   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:14,675   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:14,805   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:14,915   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:15,051   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:15,279   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:15,420   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:15,529   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:15,650   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com
2017-12-20 20:19:15,721   Starting new HTTPS connection (1): network-ge-2.scl.lab.tlv.redhat.com

Expected results:
See description.

Additional info:

Comment 1 Dan Kenigsberg 2017-12-21 07:40:24 UTC

Isn't it a duplicate of bug 1527894 ?

Comment 2 Mor 2017-12-21 07:55:23 UTC

No, the other one is for the provider, this one is for the authorization module. Dominik already added a patch.

Comment 3 Mor 2018-01-14 10:13:09 UTC

Verified on:
RHV 4.2.1.1-0.1.el7
ovirt-provider-ovn-1.2.4-1.el7ev.noarch

Comment 4 Sandro Bonazzola 2018-02-12 11:48:54 UTC

This bugzilla is included in oVirt 4.2.1 release, published on Feb 12th 2018.

Since the problem described in this bug report should be
resolved in oVirt 4.2.1 release, it has been closed with a resolution of CURRENT RELEASE.

If the solution does not work for you, please open a new bug report.

Note You need to log in before you can comment on or make changes to this bug.