Add documentation for audit
Add description for the audit configuration and short note about usage with Ceilometer. Change-Id: I40fa00d3667bea1aca81482abb3a7ad5b81e8761
This commit is contained in:
parent
ebfaa3c929
commit
b2819654bb
|
@ -0,0 +1,27 @@
|
||||||
|
Audit
|
||||||
|
=====
|
||||||
|
|
||||||
|
Anchor produces audit messages using the PyCADF library and aims for CADF
|
||||||
|
compatibility. The two events being emited right now are ``audit.sign`` and
|
||||||
|
``audit.auth``, used for certificate signing and authentication events
|
||||||
|
respectively.
|
||||||
|
|
||||||
|
In the configuration, audit events can be sent either to the log stream, or
|
||||||
|
to the standard openstack message queue. This is configured using the
|
||||||
|
``audit.target`` option. See the :doc:`configuration section <configuration>`
|
||||||
|
for more details.
|
||||||
|
|
||||||
|
Capturing events in Ceilometer
|
||||||
|
------------------------------
|
||||||
|
|
||||||
|
In order to get events processed by Ceilometer, two configuration files need to
|
||||||
|
be provided - event pipeline and definitions. The default
|
||||||
|
``event_pipeline.yaml`` as described in Ceilometer documentation is compatible
|
||||||
|
with Anchor. As for ``event_definitions.yaml``, it needs to include the
|
||||||
|
``audit.auth`` and ``audit.sign`` events.
|
||||||
|
|
||||||
|
On the Ceilometer side, it needs the `notification agent`_ installed in order
|
||||||
|
to receive data from the message queue. Add incoming events will then be saved
|
||||||
|
and visible after running ``ceilometer event-list``.
|
||||||
|
|
||||||
|
.. _notification agent: http://docs.openstack.org/developer/ceilometer/architecture.html#notification-agents-listening-for-data
|
|
@ -168,6 +168,33 @@ Each validator has its own set of parameters described separately in the
|
||||||
:doc:`fixups section </fixups>`
|
:doc:`fixups section </fixups>`
|
||||||
|
|
||||||
|
|
||||||
|
Audit
|
||||||
|
-----
|
||||||
|
|
||||||
|
Audit has two possible targets: ``log`` for output in the standard logging
|
||||||
|
stream and ``messaging`` for the openstack message queue. The first one doesn't
|
||||||
|
require any extra options:
|
||||||
|
|
||||||
|
.. code:: json
|
||||||
|
|
||||||
|
{
|
||||||
|
"audit": {
|
||||||
|
"target": "log"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
The message queue version requires defining a target in a way compatible with
|
||||||
|
``oslo_messaging`` `transport URIs`_. For example:
|
||||||
|
|
||||||
|
.. code:: json
|
||||||
|
|
||||||
|
{
|
||||||
|
"audit": {
|
||||||
|
"target": "messaging",
|
||||||
|
"url": "rabbit:guest@localhost:5672"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
Example configuration
|
Example configuration
|
||||||
---------------------
|
---------------------
|
||||||
|
|
||||||
|
@ -209,3 +236,5 @@ Example configuration
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.. _transport URIs: https://wiki.openstack.org/wiki/Oslo/Messaging#Transports
|
||||||
|
|
|
@ -19,6 +19,7 @@ Contents:
|
||||||
ephemeralPKI
|
ephemeralPKI
|
||||||
validators
|
validators
|
||||||
fixups
|
fixups
|
||||||
|
audit
|
||||||
|
|
||||||
|
|
||||||
Indices and tables
|
Indices and tables
|
||||||
|
|
Loading…
Reference in New Issue