feat: implement audit log #503
Merged
Commits on Aug 2, 2024
-
This PR implements audit logs. To enable it you have to set the `--audit-log-dir` flag to a directory where the audit logs will be stored. The audit logs are stored in a JSON format. Example: ```json {"event_type":"update","resource_type":"PublicKeys.omni.sidero.dev","event_ts":1722537710182,"event_data":{"user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36","ip_address":"<snip>","user_id":"a19a7a38-1793-4262-a9ef-97bc00c7a155","role":"Admin","email":"[email protected]","confirmation_type":"auth0","fingerprint":"15acb974f769bdccd38a4b28f282b78736b80bc7","public_key_expiration":1722565909}} ``` Keep in mind that `event_ts` are in milliseconds instead of seconds. Field `event_data` contains all relevant information about the event. To enabled it in the development environment you will have to add the `--audit-log-dir /tmp/omni-data/audit-logs` line to `docker-compose.override.yml` or run `generate-certs` again. For siderolabs#37 Signed-off-by: Dmitriy Matrenichev <[email protected]>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.