Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit log filter and marker #45456

Merged
merged 6 commits into from
Nov 15, 2019
Merged

Audit log filter and marker #45456

merged 6 commits into from
Nov 15, 2019

Conversation

albertzaharovits
Copy link
Contributor

@albertzaharovits albertzaharovits commented Aug 12, 2019
edited
Loading

This adds a log marker and a marker filter for the audit log.

Closes #47251

@albertzaharovits albertzaharovits self-assigned this Aug 12, 2019
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security

@albertzaharovits
Copy link
Contributor Author

@elasticmachine run elasticsearch-ci/2

@colings86 colings86 added v7.5.0 and removed v7.4.0 labels Aug 30, 2019
tvernum
tvernum reviewed Oct 7, 2019
View reviewed changes
...security/src/main/java/org/elasticsearch/xpack/security/audit/logfile/LoggingAuditTrail.java Outdated
@@ -151,6 +158,8 @@
"indices",
(key) -> Setting.listSetting(key, Collections.singletonList("*"), Function.identity(), Property.NodeScope, Property.Dynamic));

private static final Marker AUDIT_MARKER = MarkerManager.getMarker("AUDIT");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we prefix this with ES_? I hope none of our dependencies are using Marker objects, but if they are we want to be extra sure that we don't get name conflicts.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point! I have renamed the marker to org.elasticsearch.xpack.security.audit .

Please take another look.

@polyfractal polyfractal added v7.4.3 and removed v7.4.2 labels Oct 31, 2019
@jimczi jimczi added v7.6.0 and removed v7.5.0 labels Nov 12, 2019
@albertzaharovits
Copy link
Contributor Author

@elasticmachine update branch

@albertzaharovits albertzaharovits merged commit 5775ca8 into elastic:master Nov 15, 2019
@albertzaharovits albertzaharovits deleted the filter_for_audit_log branch November 15, 2019 10:30
@albertzaharovits albertzaharovits mentioned this pull request Nov 15, 2019
Merged
This was referenced Nov 15, 2019
Merged
Merged
albertzaharovits added a commit that referenced this pull request Nov 15, 2019
@albertzaharovits
Audit log filter and marker (#45456)
e600765 
This adds a log marker and a marker filter for the audit log.

Closes #47251
albertzaharovits added a commit that referenced this pull request Nov 15, 2019
@albertzaharovits
Audit log filter and marker (#45456)
9ef69f7 
This adds a log marker and a marker filter for the audit log.

Closes #47251
@jimczi jimczi added v7.5.0 and removed v7.5.1 labels Nov 19, 2019
This was referenced Feb 3, 2020
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tvernum tvernum tvernum approved these changes

Assignees

@albertzaharovits albertzaharovits

Labels
>bug :Security/Audit X-Pack Audit logging v6.8.6 v7.5.0 v7.6.0 v8.0.0-alpha1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Cluster level log settings can inadvertently enable the deprecated *_access log
8 participants
@albertzaharovits @elasticmachine @tvernum @colings86 @jakelandis @polyfractal @jimczi @tomcallahan