Audit log for etcd key/value changes #10662

Closed
martezr opened this issue Apr 19, 2019 · 5 comments

martezr commented Apr 19, 2019

There was a request for audit logging in #5019 and a possible solution was to leverage the --debug flag. The problem with this is that it degrades the performance of the cluster as noted in the documentation (https://coreos.com/etcd/docs/3.3.1/op-guide/monitoring.html).

This request is to allow audit data to be written to a log file or shipped to a syslog server. I don't see a need for the data to be stored in etcd as this would just be for security purposes. The following information should be included in the log entry.

  • The IP address of the originating request
  • Who made the change
  • What was the operation (get, put, update, etc.)
  • What keys were part of the request
  • When the change was made

jingyih (Contributor) commented Apr 19, 2019

Are you proposing to use a separate flag to enable the audit logging? Or to separate the output of audit logging from the other logs generated when the --debug flag is enabled?

Currently the log output is set using the --log-outputs flag, so the audit logging messages can be written to a log file (together with other log messages).

When audit logging is enabled, system performance is likely to be degraded due to generating and outputting the necessary information. We probably should do a better job benchmarking the result.

martezr (Author) commented Apr 19, 2019

I would propose at least a separate flag to provide better clarity. Ideally the audit logs could be separated from the other debug messages to allow them to be decoupled. This would allow auditing to be turned on without debugging. The notion of running a cluster continuously with debug logging just seems a bit strange.

pjhdld commented Aug 19, 2019

--log-outputs

> Are you proposing to use a separate flag to enable the audit logging? Or to separate the output of audit logging from the other logs generated when the --debug flag is enabled?
>
> Currently the log output is set using the --log-outputs flag, so the audit logging messages can be written to a log file (together with other log messages).
>
> When audit logging is enabled, system performance is likely to be degraded due to generating and outputting the necessary information. We probably should do a better job benchmarking the result.

@jingyih @martezr If I only want to record in the log which IP connects to etcd, plus disconnection logs, can this be done with the --log-outputs flag?

stale bot commented Apr 6, 2020

This issue has been automatically marked as stale because it has not had recent activity. It will be closed after 21 days if no further activity occurs. Thank you for your contributions.

@Romashovm

up!
It's an actual issue for me.
