Browse Source

Renaming audit map conf sample file

This change fixes nits mentioned in reviews of commit 295b35c48f

* Renaming ironic_api_audit_map.conf.sample file to
  api_audit_map.conf.sample

* Doc change --> changing to [oslo_messaging_notifications]/driver
  as notification_driver is deprecated

* Renaming path_keyword vendor_passthru in api_audit_map.conf.sample

Change-Id: Ib073598cea1e9acc9788e2db85f814f0295134ef
changes/99/350399/8
Lokesh S 6 years ago
committed by Vladyslav Drok
parent
commit
bd0610232a
  1. 4
      doc/source/deploy/api-audit-support.rst
  2. 2
      etc/ironic/api_audit_map.conf.sample
  3. 9
      etc/ironic/ironic.conf.sample
  4. 8
      ironic/conf/audit.py
  5. 4
      releasenotes/notes/adding-audit-middleware-b95f2a00baed9750.yaml

4
doc/source/deploy/api-audit-support.rst

@ -6,7 +6,7 @@ API Audit Logging
Audit middleware supports delivery of CADF audit events via Oslo messaging
notifier capability. Based on `notification_driver` configuration, audit events
can be routed to messaging infrastructure (notification_driver = messagingv2)
or can be routed to a log file (notification_driver = log).
or can be routed to a log file (`[oslo_messaging_notifications]/driver = log`).
Audit middleware creates two events per REST API interaction. First event has
information extracted from request data and the second one has request outcome
@ -37,7 +37,7 @@ to ``/etc/ironic/ironic.conf``.
[audit]
...
audit_map_file=/etc/ironic/ironic_api_audit_map.conf
audit_map_file=/etc/ironic/api_audit_map.conf
#. Comma separated list of Ironic REST API HTTP methods to be ignored during audit.
For example: GET,POST. It is used only when API audit is enabled.

2
etc/ironic/ironic_api_audit_map.conf.sample → etc/ironic/api_audit_map.conf.sample

@ -21,7 +21,7 @@ validate = None
boot_device = None
supported = None
console = None
vendor_passthrus = vendor_passthru
vendor_passthru = vendor_passthru
# map endpoint type defined in service catalog to CADF typeURI

9
etc/ironic/ironic.conf.sample

@ -561,12 +561,13 @@
# Path to audit map file for ironic-api service. Used only
# when API audit is enabled. (string value)
#audit_map_file = /etc/ironic/ironic_api_audit_map.conf
#audit_map_file = /etc/ironic/api_audit_map.conf
# Comma separated list of Ironic REST API HTTP methods to be
# ignored during audit. For example: auditing will not be done
# on any GET or POST requests if this is set to "GET,POST". It
# is used only when API audit is enabled. (string value)
# ignored during audit logging. For example: auditing will not
# be done on any GET or POST requests if this is set to
# "GET,POST". It is used only when API audit is enabled.
# (string value)
#ignore_req_list = <None>

8
ironic/conf/audit.py

@ -21,15 +21,15 @@ opts = [
' (for ironic-api service).')),
cfg.StrOpt('audit_map_file',
default='/etc/ironic/ironic_api_audit_map.conf',
default='/etc/ironic/api_audit_map.conf',
help=_('Path to audit map file for ironic-api service. '
'Used only when API audit is enabled.')),
cfg.StrOpt('ignore_req_list',
help=_('Comma separated list of Ironic REST API HTTP methods '
'to be ignored during audit. For example: auditing '
'will not be done on any GET or POST requests '
'if this is set to "GET,POST". It is used '
'to be ignored during audit logging. For example: '
'auditing will not be done on any GET or POST '
'requests if this is set to "GET,POST". It is used '
'only when API audit is enabled.')),
]

4
releasenotes/notes/adding-audit-middleware-b95f2a00baed9750.yaml

@ -3,11 +3,11 @@ features:
- |
The ironic-api service now supports logging audit messages of
API calls. The following configuration parameters have been added.
By default auditing of ironic-api service is turned off.
By default audit logging for ironic-api service is turned off.
* ``[audit]/enabled``
* ``[audit]/ignore_req_list``
* ``[audit]/audit_map_file``
Further documentation for this feature is available at
http://docs.openstack.org/developer/ironic/deploy/api-audit-support.html.
http://docs.openstack.org/developer/ironic/deploy/api-audit-support.html .

Loading…
Cancel
Save