New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable admin to send test OSSEC alert via the admin interface #2771
Conversation
I'm concerned this may not be in the right place. Should an admin journalist know about OSSEC at all ? |
Hmm, true - let me move this to the System configuration page added in #2769, that's a better home for this feature |
e9104b6
to
64f88f6
Compare
64f88f6
to
411f078
Compare
Sorry to be a kill joy but ... what I wonder is if we should start exposing things the journalist (even one who is an admin trusted to handle users) should never have to worry about. The OSSEC alerts are for the admin to see and the journalist should never know about it. I'm insisting because I have a feeling that if we open this door it will be very difficult to close when and if we change our mind later. That being said if you weighted the pros/cons already, I fully support your decision :-) |
Yep, I totally agree that we should not show this to a journalist user, and only to admins. In my view the purpose of the Admin Interface should be to provide a user-friendly place for an admin to do any app server tasks that would otherwise be done via Happy to discuss further, it's an important point :) |
That also means we will have to maintain access details between 3 types of users, that will surely increase the chances of mistakes. Maybe in code, maybe in actual operations. I would love to have an option without making users and their access states more complex. |
That was the information I did not have, thanks for clarifying. I was assuming journalists wiht admin permissions. In reality, as you observed in the field, the same person who uses the the journalist interface with the admin permission is also the the sysadmin that maintains the servers. I'll approve the pull request and let you merge if my understanding is correct. If I misinterpreted your explanation, please correct me :-) |
Status
Ready for review
Description of Changes
Implements #2770, enabling the sending of a test alert upon request to admins:
Testing
New tests should pass (and you can verify
journalist-error.log
is monitored in app OSSEC config)If you have prod VMs, you can
make build-debs
,vagrant provision /prod/
, and verify the alert is produced as expected following the documentation added in the PRDeployment
No special considerations
Checklist
If you made changes to the app code:
If you made changes to documentation: