New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[NEW] Enhancement request for acl log command #7711
Labels
Comments
Hello @nadirdbit Thanks for making the feature request. I'm afraid that changing the API will break compatibility, but adding the absolute timestamp can be considered. However, I'm not sure where you got the above quote from, can you provide the context? |
Hi Itamar/Team,
This quote was obtained from training session RU330.
Thank you.
Nadir
…On Wed, Aug 26, 2020 at 10:21 AM Itamar Haber ***@***.***> wrote:
Hello @nadirdbit <https://github.com/nadirdbit>
Thanks for making the feature request. I'm afraid that changing the API
will break compatibility, but adding the absolute timestamp can be
considered. However, I'm not sure where you got the above quote from, can
you provide the context?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#7711 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AP5GFC6PPFVPOPP6YERDETLSCUSAJANCNFSM4QLHMVUA>
.
|
@nadirdbit From an audit perspective, would you be interested in logging every single entry into the log instead of trying to group them together? |
Hi Madelyn/All,
It will likely be best for all failures to be logged - to minimize log
flooding, user account should get locked after a customizable 'n' such
consecutive failures and after user account locked, further failures can be
suppressed. Once user account is unlocked, any recurrent failures going
forward should continue to be logged.
A grouping by user account for requisite timeframe would be helpful via
RedisInsight using an appropriate auditor-related role for viewing this
failure exception data from acl.log and corresponding archives.
Thank you.
Nadir
…On Thu, Aug 27, 2020 at 5:53 PM Madelyn Olson ***@***.***> wrote:
@nadirdbit <https://github.com/nadirdbit> From an audit perspective,
would you be interested in logging every single entry into the log instead
of trying to group them together?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#7711 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AP5GFC7FQWBQMNFUT5CCDQ3SC3PWZANCNFSM4QLHMVUA>
.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Failure recorded in age-seconds - believe age-timestamp will be more helpful from an audit perspective
Thank you.
The text was updated successfully, but these errors were encountered: