use sova to check for selinux denials
sova is already parsing logs for common errors. Should be an easy win to flag selinux denials Change-Id: I5afd3998cce051905f7a972089230003a0a59d87
This commit is contained in:
parent
f8b71834a1
commit
0d20ac4696
|
@ -13,5 +13,6 @@
|
||||||
"ironic-conductor": "/var/log/containers/ironic/ironic-conductor.log"
|
"ironic-conductor": "/var/log/containers/ironic/ironic-conductor.log"
|
||||||
syslog: "/var/log/journal.txt"
|
syslog: "/var/log/journal.txt"
|
||||||
logstash: "/var/log/extra/logstash.txt"
|
logstash: "/var/log/extra/logstash.txt"
|
||||||
|
selinux: "/var/log/extra/denials.txt"
|
||||||
result: "{{ ansible_user_dir }}/workspace/logs/failures_file"
|
result: "{{ ansible_user_dir }}/workspace/logs/failures_file"
|
||||||
result_file_dir: "{{ ansible_user_dir }}/workspace/logs"
|
result_file_dir: "{{ ansible_user_dir }}/workspace/logs"
|
||||||
|
|
|
@ -775,3 +775,9 @@ patterns:
|
||||||
msg: 'Introspection failed, cannot get IP address'
|
msg: 'Introspection failed, cannot get IP address'
|
||||||
tag: 'infra'
|
tag: 'infra'
|
||||||
pattern: 'socket.error: [Errno 99] Cannot assign requested address'
|
pattern: 'socket.error: [Errno 99] Cannot assign requested address'
|
||||||
|
"selinux":
|
||||||
|
- id: 700
|
||||||
|
logstash: 'denied'
|
||||||
|
msg: 'selinux denials found'
|
||||||
|
tag: 'code'
|
||||||
|
pattern: 'denied'
|
||||||
|
|
Loading…
Reference in New Issue