-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
4.16, 4.17
-
Moderate
-
None
-
False
-
In cluster logging operator 6.0 the ClusterlogForwarder moved from logging.openshift.io to observability.openshift.io.
CO will need to access ClusterlogForwarder from both APIs.
After installing logging 6 , ComplianceCheckResult "ocp4-cis-audit-log-forwarding-enabled" is failing as there is a change in APIversion of clusterlogforwarder. Log collection and forwarding configurations are now specified under the new API, part of the observability.openshift.io API group[1],
$ oc -n openshift-compliance get ccr ocp4-cis-audit-log-forwarding-enabled
NAME STATUS SEVERITY
ocp4-cis-audit-log-forwarding-enabled FAIL medium
$ oc get clusterlogforwarders.
clusterlogforwarders.logging.openshift.io clusterlogforwarders.observability.openshift.io
$ oc get clusterlogforwarders.observability.openshift.io
NAME AGE
instance 18m