-
Notifications
You must be signed in to change notification settings - Fork 885
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[MD] Logging and Auditing #1986
Labels
multiple datasource
multiple datasource project
Comments
Reference1. Kibana Audit Serviceelastic/kibana#52125 2. Grafana Audit logs for datasource managementData sources management
* 3. OpenSearch security plugin audit log example
|
@zengyan-amazon @seraphjiang Any thoughts? |
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Task breakdown
Research Notes
Some questions we need to answer
Logging
Data source logging will log datasource, query, time, and error, with correct logging setting and client settings in
osd.yml
Similar to what we currently have with default single opensearch cluster. It makes use of the event emitter provided by
opensearch-js
client lib, that hook into internal events, such as request and response. Doc ReferenceCurrent logging
OpenSearch-Dashboards/src/core/server/opensearch/client/configure_client.ts
Lines 51 to 72 in 5fb4143
Auditing
Security Plugin Audit Log feature
[Proposed Solution] OSD Audit Service + Logging service
Audit
interfaces in core, and make use of the logging service to write output to file by configuring "logging -> custom appender". The audit service can get the authenticated user info, then we can enrich that with datasouce, timestamp, query, error to create single audit log line, and saved to some file on diskcore - audit service
data source plugin -> audit trail client
data source plugin -> plugin.ts
The text was updated successfully, but these errors were encountered: