Quick update:
adding the following to your config:
rgw log http headers = "http_authorization"
rgw ops log socket path = /tmp/rgw
rgw enable ops log = true
rgw enable usage log = true
and you can now
nc -U /tmp/rgw |./jq --stream 'fromstream(1|truncate_stream(inputs))'
{
"time": "2018-03-12 21:42:19.479037Z",
"time_local": "2018-03-12 21:42:19.479037",
"remote_addr": "",
"user": "test",
"operation": "PUT",
"uri": "/testbucket/",
"http_status": "200",
"error_code": "",
"bytes_sent": 19,
"bytes_received": 0,
"object_size": 0,
"total_time": 600967,
"user_agent": "Boto/2.46.1 Python/2.7.12 Linux/4.4.0-42-generic",
"referrer": "",
"http_x_headers": [
{
"HTTP_AUTHORIZATION": "AWS <aws key id>: <signature>"
}
]
}
pretty good start on getting an audit log going!
On Mar 9, 2018, at 10:52 PM, Konstantin Shalygin
<k0...@k0ste.ru<mailto:k0...@k0ste.ru>> wrote:
Unfortunately I can't quite figure out how to use it. I've got "rgw log http
headers = "authorization" in my ceph.conf but I'm getting no love in the rgw
log.
I think this shold have 'http_' prefix, like:
rgw log http headers = "http_host, http_x_forwarded_for"
k
CONFIDENTIALITY NOTICE
This e-mail message and any attachments are only for the use of the intended
recipient and may contain information that is privileged, confidential or
exempt from disclosure under applicable law. If you are not the intended
recipient, any disclosure, distribution or other use of this e-mail message or
attachments is prohibited. If you have received this e-mail message in error,
please delete and notify the sender immediately. Thank you.
_______________________________________________
ceph-users mailing list
ceph-users@lists.ceph.com
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
