New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Question] - How to enable audit devices to stdout and save in Stackdriver Logs? #9
Comments
Can you share more of that screenshot? The logs should be there, including the Vault startup logs. Can you make sure you're looking at the correct container? What does |
Thanks for the quick reply @sethvargo . See the full screenshot below (hiding few fields for security reasons): The logs for the If I run Thanks for the help! |
Hmm - that's really weird, since they are deployed the same. Are you able to reproduce it on a new cluster? |
I'd have to try creating a new cluster and building Vault again. I'll post the results once I am able to replicate the environment in a new cluster. Let me know if you find anything meanwhile. Thank you. |
I'm not able to reproduce it on my end. If you're familiar with Terraform, github.com/sethvargo/vault-on-gke is a one-command version of this same thing. |
Thank you @sethvargo, I'll try to use the Terrraform script for my testing. For now I'll go ahead and close this ticket. Sam. |
Hello,
First of all, thanks for the awesome tutorial. It is very handy.
We have implemented this in our production cluster and were having issues getting the audit device logs to Stackdriver logs.
I have enabled the audit device to stdout by doing the following:
vault audit enable file file_path=stdout
Which I can confirm that is outputting to stdout on the vault container, if I check the logs with:
kubectl logs vault-0 -f vault
But unfortunately those logs are not being saved in Stackdriver for some reason, and I was not able to find more info on how to enable or troubleshoot it. See picture below for my stackdriver log on the vault container:
Thanks in advance for the help.
Sam.
The text was updated successfully, but these errors were encountered: