28 lines
1.2 KiB
ReStructuredText
28 lines
1.2 KiB
ReStructuredText
Audit
|
|
=====
|
|
|
|
Anchor produces audit messages using the PyCADF library and aims for CADF
|
|
compatibility. The two events being emitted right now are ``audit.sign`` and
|
|
``audit.auth``, used for certificate signing and authentication events
|
|
respectively.
|
|
|
|
In the configuration, audit events can be sent either to the log stream, or
|
|
to the standard openstack message queue. This is configured using the
|
|
``audit.target`` option. See the :doc:`configuration section <configuration>`
|
|
for more details.
|
|
|
|
Capturing events in Ceilometer
|
|
------------------------------
|
|
|
|
In order to get events processed by Ceilometer, two configuration files need to
|
|
be provided - event pipeline and definitions. The default
|
|
``event_pipeline.yaml`` as described in Ceilometer documentation is compatible
|
|
with Anchor. As for ``event_definitions.yaml``, it needs to include the
|
|
``audit.auth`` and ``audit.sign`` events.
|
|
|
|
On the Ceilometer side, it needs the `notification agent`_ installed in order
|
|
to receive data from the message queue. Add incoming events will then be saved
|
|
and visible after running ``ceilometer event-list``.
|
|
|
|
.. _notification agent: http://docs.openstack.org/developer/ceilometer/architecture.html#notification-agents-listening-for-data
|