Merge "Renaming audit map conf sample file"

This commit is contained in:
Jenkins 2016-12-02 19:10:23 +00:00 committed by Gerrit Code Review
commit 0a124c2bc0
5 changed files with 14 additions and 13 deletions

View File

@ -7,7 +7,7 @@ API Audit Logging
Audit middleware supports delivery of CADF audit events via Oslo messaging
notifier capability. Based on `notification_driver` configuration, audit events
can be routed to messaging infrastructure (notification_driver = messagingv2)
or can be routed to a log file (notification_driver = log).
or can be routed to a log file (`[oslo_messaging_notifications]/driver = log`).
Audit middleware creates two events per REST API interaction. First event has
information extracted from request data and the second one has request outcome
@ -38,7 +38,7 @@ to ``/etc/ironic/ironic.conf``.
[audit]
...
audit_map_file=/etc/ironic/ironic_api_audit_map.conf
audit_map_file=/etc/ironic/api_audit_map.conf
#. Comma separated list of Ironic REST API HTTP methods to be ignored during audit.
For example: GET,POST. It is used only when API audit is enabled.

View File

@ -21,7 +21,7 @@ validate = None
boot_device = None
supported = None
console = None
vendor_passthrus = vendor_passthru
vendor_passthru = vendor_passthru
# map endpoint type defined in service catalog to CADF typeURI

View File

@ -574,12 +574,13 @@
# Path to audit map file for ironic-api service. Used only
# when API audit is enabled. (string value)
#audit_map_file = /etc/ironic/ironic_api_audit_map.conf
#audit_map_file = /etc/ironic/api_audit_map.conf
# Comma separated list of Ironic REST API HTTP methods to be
# ignored during audit. For example: auditing will not be done
# on any GET or POST requests if this is set to "GET,POST". It
# is used only when API audit is enabled. (string value)
# ignored during audit logging. For example: auditing will not
# be done on any GET or POST requests if this is set to
# "GET,POST". It is used only when API audit is enabled.
# (string value)
#ignore_req_list = <None>

View File

@ -21,15 +21,15 @@ opts = [
' (for ironic-api service).')),
cfg.StrOpt('audit_map_file',
default='/etc/ironic/ironic_api_audit_map.conf',
default='/etc/ironic/api_audit_map.conf',
help=_('Path to audit map file for ironic-api service. '
'Used only when API audit is enabled.')),
cfg.StrOpt('ignore_req_list',
help=_('Comma separated list of Ironic REST API HTTP methods '
'to be ignored during audit. For example: auditing '
'will not be done on any GET or POST requests '
'if this is set to "GET,POST". It is used '
'to be ignored during audit logging. For example: '
'auditing will not be done on any GET or POST '
'requests if this is set to "GET,POST". It is used '
'only when API audit is enabled.')),
]

View File

@ -3,11 +3,11 @@ features:
- |
The ironic-api service now supports logging audit messages of
API calls. The following configuration parameters have been added.
By default auditing of ironic-api service is turned off.
By default audit logging for ironic-api service is turned off.
* ``[audit]/enabled``
* ``[audit]/ignore_req_list``
* ``[audit]/audit_map_file``
Further documentation for this feature is available at
http://docs.openstack.org/developer/ironic/deploy/api-audit-support.html.
http://docs.openstack.org/developer/ironic/deploy/api-audit-support.html .