Escalated to Bugzilla from IssueTracker
Event posted on 07-31-2009 03:38pm EDT by RFE-tool 1) Customer Name: Nomura Securities 2) Nature Of Problem: Customer cannot provide txt based logs which show the remote commands listed which are executed from the Satellite to their auditing team. Currently they are providing screenshots of the Satellite WebUI which is cumbersome for them to manually gather. 3) Business Requirements Satisfied By Request: Internal security audits require that password changes are recorded and reports are provided upon request. If there were text based logs somewhere on the Satellite server that provided the osa-dispatcher events then they would quickly be able to generate the reports required by their audit folks. 4) Functional Requirements That Are Not Presently Possible: They need a log from osa-dispather that shows the command, remote hostname, and time of execution. 5) What Will Success Look Like: A txt based log of remote events. 6) Desired Release Vehicle: RHN Minor release. 7) Request Meets The Rhel Inclusion Criteria: Yes 8) Affected Packages: osa-dispatcher, rhn-satellite ? 9) Sales Sponsor: Tushar Shah 10) Rh Business Opportunity With Customer: RHEL deployment is expanding with a current acquisition of ex-Lehman traders. 11) Status And Risk To Contract If Not Satisfied: Customer will try to implement an unsupported solution (i.e. accessing the underlying Satellite database directly). 12) If this request is vendor specific, has the customer engaged the partner as well?: Not Applicable This event sent from IssueTracker by jwest [SEG - Feature Request] issue 316677
Moving to Satellite 6 product. Going to investigate how we can audit mcollective and gofer remote calls to satisfy this request.
For reference: related Bug 579885 "[RFE] log the remote command results on the machine that runs them" has bee implemented in Satellite 5.6 (see commits for more details)
Verified in Satellite 6.2 Beta Snap 9 Compose 2. This feature was delivered with the new Remote Execution plugin. You can now query the /api/job_invocations path to see a list of job invocations. these can also be individually queried to give you a result like the one below. { "id": 27, "description": "Run ping -c 5 google.com", "job_category": "Commands", "targeting_id": 27, "status": 0, "start_at": "2016-04-15 13:13:12 UTC", "status_label": "succeeded", "dynflow_task": { "id": "ab03799f-c4a6-4982-ab4e-f2a9dbe652d1", "state": "stopped" }, "succeeded": 1, "failed": 0, "pending": 0, "total": 1, "targeting": { "bookmark_id": null, "search_query": "name = myhost.redhat.com", "targeting_type": "static_query", "user_id": 3, "hosts": [] }, "template_invocations": [] }
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2016:1501