Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

KES audit logging only works for some commands #480

Open
ramondeklein opened this issue Aug 21, 2024 · 0 comments
Open

KES audit logging only works for some commands #480

ramondeklein opened this issue Aug 21, 2024 · 0 comments
Assignees
@aead

Comments

@ramondeklein
Copy link
Contributor

I ran my private KES instance (backed by Azure Key Vault) with the following enabled in the configuration:

log:
  error: on
  audit: on

It only seems to log to standard output when either createKey, importKey or deleteKey are invoked. All other operations don't emit anything to standard output. When I look at the code only the calls that I mentioned are calling auditLogger.Log.

Some errors (like bad client certificate) are logged to stderr, but some other (like creating a key that already exists) aren't logged to stderr.

Although audit logging is emitted to stdout, I also run KES CLI with the log --audit command. When I create a key, then it shows the following header:

Time        Status    Identity                IP                 API                               Latency

But the actual logs are not shown. When running with --json nothing shows up too. According to the documentation, it should show something like this:
image
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aead aead

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ramondeklein @aead