-
Notifications
You must be signed in to change notification settings - Fork 124
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support SIGHUP logrotation for audit (and other logs) #1758
Comments
Hey :) |
Could you provide more information about your use case? Audit logging has a little bit of overhead so that's why we try to keep that path as lean as possible. Typically a log collector would either scrape the stdout/stderr of the process or read from a particular file so I am curious to understand why you need both. |
You can possibly achieve that by piping through tee. |
Hey :) Diving deeper into the actual problem: Thus, currently we have to decide to either:
So to summarize my problem: That is not a technical blocker. But in environments, where you do not have everything under your own control, that would be a feature that would be (at least for us) very handy. :) |
@MarcoJanecki thanks for the explanation. That's indeed a frustrating situation. I am not familiar with Azure but a quick search suggests that Azure Logic Apps can export data from LAW to a storage account (https://learn.microsoft.com/en-us/azure/azure-monitor/logs/logs-export-logic-app). Is that something you might be able to get access to? We'll look into the possibility of adding multiple audit destinations. However, as I mentioned above, it has some performance overhead so I can't guarantee that we'll definitely be able to support it in the near term. |
Enables `file` audit logs to be automatically rotated. Also adds ability to write audit entries to multiple destinations. Fixes cerbos#1758 Signed-off-by: Charith Ellawala <charith@cerbos.dev>
Enables `file` audit logs to be automatically rotated. Also adds ability to write audit entries to multiple destinations. Fixes #1758 Signed-off-by: Charith Ellawala <charith@cerbos.dev>
Is there an existing issue for this?
Feature description
At present the audit logs do not support traditional log rotation, making it harder to manage over time.
What would the ideal solution look like to you?
It would be good to support traditional SIGHUP log rotation, or more advanced log rotation mechanism (e.g. as covered in the ZAP FAQ, https://github.com/uber-go/zap/blob/master/FAQ.md#does-zap-support-log-rotation)
Anything else?
No response
The text was updated successfully, but these errors were encountered: