Subset list of users we track for auto data loading

openshift · Apr 17, 2024 · 13d6080 · 13d6080
1 parent 330e0cc
commit 13d6080
Showing 1 changed file with 14 additions and 0 deletions.
diff --git a/pkg/monitortests/kubeapiserver/auditloganalyzer/audit_log_summarizer.go b/pkg/monitortests/kubeapiserver/auditloganalyzer/audit_log_summarizer.go
@@ -15,6 +15,8 @@ import (
 	auditv1 "k8s.io/apiserver/pkg/apis/audit/v1"
 )
 
+var monitoredUsers = []string{"kube-", "openshift-", "system:node"}
+
 // every audit log summarizer is not threadsafe. The idea is that you use one per thread and
 // later combine the summarizers together into an overall summary
 type AuditLogSummary struct {
@@ -448,9 +450,21 @@ func URIToParts(uri string) (string, schema.GroupVersionResource, string, string
 	return ns, gvr, name, ""
 }
 
+func isMonitoredUser(user string) bool {
+	for _, partialUser := range monitoredUsers {
+		if strings.Contains(user, partialUser) {
+			return true
+		}
+	}
+	return false
+}
+
 func writeAuditLogDL(artifactDir, timeSuffix string, auditLogSummary *AuditLogSummary) {
 	rows := make([]map[string]string, 0)
 	for _, uv := range auditLogSummary.perUserRequestCount {
+		if !isMonitoredUser(uv.user) {
+			continue
+		}
 		for rk, rv := range uv.perResourceRequestCount {
 			for vk, vv := range rv.perVerbRequestCount {
 				for sk, sv := range vv.perHTTPStatusRequestCount {