Bug 1925081 - The user token in kibana logs for logging.quiet: false
Summary: The user token in kibana logs for logging.quiet: false
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Logging
Version: 4.5
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
: 4.7.0
Assignee: ewolinet
QA Contact: Anping Li
Rolfe Dlugy-Hegwer
URL:
Whiteboard: logging-exploration
Depends On:
Blocks: 1925627
TreeView+ depends on / blocked
 
Reported: 2021-02-04 11:47 UTC by Anping Li
Modified: 2021-03-25 10:30 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
* Previously, the Kibana log level was increased not to suppress instructions to delete indices that failed to migrate, which also caused the display of GET requests at the INFO level that contained the Kibana user's email address and OAuth token. The current release fixes this issue by masking these fields, so the Kibana logs do not display them. (link:https://bugzilla.redhat.com/show_bug.cgi?id=1925081[*BZ#1925081*])
Clone Of:
Environment:
Last Closed: 2021-02-24 11:22:33 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift origin-aggregated-logging pull 2056 0 None closed Bug 1925081: Updating kibana logs to censor use access token and email address 2021-02-13 11:20:41 UTC
Red Hat Product Errata RHBA-2021:0652 0 None None None 2021-02-24 11:22:56 UTC

Comment 1 ewolinet 2021-02-04 19:37:59 UTC
for some reason the bot is unable to link this to the PR that fixes this...

https://github.com/openshift/origin-aggregated-logging/pull/2056

Comment 3 Anping Li 2021-02-08 14:18:22 UTC
Verified on elasticsearch-operator.5.0.0-44
"url": "https://access.redhat.com/containers/#/registry.access.redhat.com/openshift-logging/kibana6-rhel8/images/v5.0.0-21",

Comment 8 errata-xmlrpc 2021-02-24 11:22:33 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Errata Advisory for Openshift Logging 5.0.0), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:0652


Note You need to log in before you can comment on or make changes to this bug.