-
Feature Request
-
Resolution: Done
-
Minor
-
None
-
None
-
None
-
False
-
None
-
False
-
auth
-
Not Selected
-
-
-
-
-
1. Proposed title of this feature request
Document what gets logged into the the following API's as they are used for auditing purposes for more clarity on what gets logged
oauth-apiserver
openshift-apiserver
kube-apiserver
2. What is the nature and description of the request?
Customers want to filter logging for security purposes. When viewing through the current set of audit logs, they do not know which type of activities are actually being logged to these APIs when audit is turned on and forwarding to their logstack. For example, which apiserver actually records actions such as authentication, resource deletion, etc. - is it only kube-apiserver, or do they all log these actions.
3. Why does the customer need this? (List the business requirements here)
Customer wants to know what is being logged into these APIs and make a determination on if they need to grab what's being logged there for security auditing purposes.
Today the kube-apiserver has a document detailing what is logged. While the other 2 apiserver related APIs do not have much content on what is being logged and the customer needs to know if these are also needed to be captured during a security audit.
4. List any affected packages or components.
oauth-apiserver
openshift-apiserver
kube-apiserver