[Users] oVirt auditing
Jakub Bittner
j.bittner at nbu.cz
Thu Dec 5 15:51:06 UTC 2013
Hello,
I am curious how to audit user actions in oVirt web interface. From
engine.log we are able to extract when user logged in, when he updated
vnicProfile and so, but we can not get exact changes (behavior).
Right now I can get logs like:
2013-12-05 16:35:46,270 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(ajp--127.0.0.1-8702-6) Correlation ID: 7e60ae1, Call Stack: null,
Custom Event ID: -1, Message: Interface nic1 (VirtIO) was updated for VM
test.test.org. (User: user1)
But it would be nice to get logs like:
2013-12-05 16:35:46,270 INFO
[org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector]
(ajp--127.0.0.1-8702-6) Correlation ID: 7e60ae1, Call Stack: null,
Custom Event ID: -1, Message: Interface nic1 (VirtIO) was updated for VM
test.test.org *from secure_vlan to unsecure_vlan*. (User: user1)
My point is to have a feature which can give us possibility to construct
exact user behavior and action in managing oVirt. It could be useful not
even in hunting bugs, but primary in security problem hunting.
Thank you.
Jakub Bittner
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ovirt.org/pipermail/users/attachments/20131205/0a6c1c39/attachment-0001.html>
More information about the Users
mailing list