From bd0610232a91e9924ea89896f7caa3f71641f23d Mon Sep 17 00:00:00 2001 From: Lokesh S Date: Wed, 3 Aug 2016 06:37:45 +0000 Subject: [PATCH] Renaming audit map conf sample file This change fixes nits mentioned in reviews of commit 295b35c48f7dcc * Renaming ironic_api_audit_map.conf.sample file to api_audit_map.conf.sample * Doc change --> changing to [oslo_messaging_notifications]/driver as notification_driver is deprecated * Renaming path_keyword vendor_passthru in api_audit_map.conf.sample Change-Id: Ib073598cea1e9acc9788e2db85f814f0295134ef --- doc/source/deploy/api-audit-support.rst | 4 ++-- ...i_audit_map.conf.sample => api_audit_map.conf.sample} | 2 +- etc/ironic/ironic.conf.sample | 9 +++++---- ironic/conf/audit.py | 8 ++++---- .../notes/adding-audit-middleware-b95f2a00baed9750.yaml | 4 ++-- 5 files changed, 14 insertions(+), 13 deletions(-) rename etc/ironic/{ironic_api_audit_map.conf.sample => api_audit_map.conf.sample} (95%) diff --git a/doc/source/deploy/api-audit-support.rst b/doc/source/deploy/api-audit-support.rst index a83204c91c..cc669204a8 100644 --- a/doc/source/deploy/api-audit-support.rst +++ b/doc/source/deploy/api-audit-support.rst @@ -6,7 +6,7 @@ API Audit Logging Audit middleware supports delivery of CADF audit events via Oslo messaging notifier capability. Based on `notification_driver` configuration, audit events can be routed to messaging infrastructure (notification_driver = messagingv2) -or can be routed to a log file (notification_driver = log). +or can be routed to a log file (`[oslo_messaging_notifications]/driver = log`). Audit middleware creates two events per REST API interaction. First event has information extracted from request data and the second one has request outcome @@ -37,7 +37,7 @@ to ``/etc/ironic/ironic.conf``. [audit] ... - audit_map_file=/etc/ironic/ironic_api_audit_map.conf + audit_map_file=/etc/ironic/api_audit_map.conf #. Comma separated list of Ironic REST API HTTP methods to be ignored during audit. For example: GET,POST. It is used only when API audit is enabled. diff --git a/etc/ironic/ironic_api_audit_map.conf.sample b/etc/ironic/api_audit_map.conf.sample similarity index 95% rename from etc/ironic/ironic_api_audit_map.conf.sample rename to etc/ironic/api_audit_map.conf.sample index a8076e2ab3..b2569defb0 100644 --- a/etc/ironic/ironic_api_audit_map.conf.sample +++ b/etc/ironic/api_audit_map.conf.sample @@ -21,7 +21,7 @@ validate = None boot_device = None supported = None console = None -vendor_passthrus = vendor_passthru +vendor_passthru = vendor_passthru # map endpoint type defined in service catalog to CADF typeURI diff --git a/etc/ironic/ironic.conf.sample b/etc/ironic/ironic.conf.sample index df778417d4..e58fa02435 100644 --- a/etc/ironic/ironic.conf.sample +++ b/etc/ironic/ironic.conf.sample @@ -561,12 +561,13 @@ # Path to audit map file for ironic-api service. Used only # when API audit is enabled. (string value) -#audit_map_file = /etc/ironic/ironic_api_audit_map.conf +#audit_map_file = /etc/ironic/api_audit_map.conf # Comma separated list of Ironic REST API HTTP methods to be -# ignored during audit. For example: auditing will not be done -# on any GET or POST requests if this is set to "GET,POST". It -# is used only when API audit is enabled. (string value) +# ignored during audit logging. For example: auditing will not +# be done on any GET or POST requests if this is set to +# "GET,POST". It is used only when API audit is enabled. +# (string value) #ignore_req_list = diff --git a/ironic/conf/audit.py b/ironic/conf/audit.py index 5e1d4b5a04..784e588362 100644 --- a/ironic/conf/audit.py +++ b/ironic/conf/audit.py @@ -21,15 +21,15 @@ opts = [ ' (for ironic-api service).')), cfg.StrOpt('audit_map_file', - default='/etc/ironic/ironic_api_audit_map.conf', + default='/etc/ironic/api_audit_map.conf', help=_('Path to audit map file for ironic-api service. ' 'Used only when API audit is enabled.')), cfg.StrOpt('ignore_req_list', help=_('Comma separated list of Ironic REST API HTTP methods ' - 'to be ignored during audit. For example: auditing ' - 'will not be done on any GET or POST requests ' - 'if this is set to "GET,POST". It is used ' + 'to be ignored during audit logging. For example: ' + 'auditing will not be done on any GET or POST ' + 'requests if this is set to "GET,POST". It is used ' 'only when API audit is enabled.')), ] diff --git a/releasenotes/notes/adding-audit-middleware-b95f2a00baed9750.yaml b/releasenotes/notes/adding-audit-middleware-b95f2a00baed9750.yaml index 31b0833e18..c0c4037847 100644 --- a/releasenotes/notes/adding-audit-middleware-b95f2a00baed9750.yaml +++ b/releasenotes/notes/adding-audit-middleware-b95f2a00baed9750.yaml @@ -3,11 +3,11 @@ features: - | The ironic-api service now supports logging audit messages of API calls. The following configuration parameters have been added. - By default auditing of ironic-api service is turned off. + By default audit logging for ironic-api service is turned off. * ``[audit]/enabled`` * ``[audit]/ignore_req_list`` * ``[audit]/audit_map_file`` Further documentation for this feature is available at - http://docs.openstack.org/developer/ironic/deploy/api-audit-support.html. + http://docs.openstack.org/developer/ironic/deploy/api-audit-support.html .