Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-4494

[RFE] Document api audit logging actions for default *APIs in more detail

XMLWordPrintable

    • False
    • None
    • False
    • auth
    • Not Selected

      1. Proposed title of this feature request

      Document what gets logged into the the following API's as they are used for auditing purposes for more clarity on what gets logged

      oauth-apiserver
      openshift-apiserver
      kube-apiserver

      2. What is the nature and description of the request?

      Customers want to filter logging for security purposes. When viewing through the current set of audit logs, they do not know which type of activities are actually being logged to these APIs when audit is turned on and forwarding to their logstack. For example, which apiserver actually records actions such as authentication, resource deletion, etc. - is it only kube-apiserver, or do they all log these actions.

      3. Why does the customer need this? (List the business requirements here)

      Customer wants to know what is being logged into these APIs and make a determination on if they need to grab what's being logged there for security auditing purposes.

      Today the kube-apiserver has a document detailing what is logged. While the other 2 apiserver related APIs do not have much content on what is being logged and the customer needs to know if these are also needed to be captured during a security audit.

      4. List any affected packages or components.

      oauth-apiserver
      openshift-apiserver
      kube-apiserver

              wcabanba@redhat.com William Caban
              rh-ee-syangsao Sam Yangsao
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: