openstack team mailing list archive

[Kieran Evans <keyz182@xxxxxxxxx>]

This could be an issue auditing failed requests, i.e. when unauthorised requests are made against an api, if I understand correctly, those would be dropped before being put on the queue.

Also, I thought that if written as a middleware wsgi component, no modification of the existing code would be necessary, it would just be a change in a config file. Or am I misunderstanding again?

/Kieran 
On 8 Mar 2012, at 02:01, heut2008 wrote:

> May be  get user actions from message queue is more efficient,also,in this way,you need not change the nova code.
> 
> 2012/3/7 Kieran Evans <keyz182@xxxxxxxxx>
> Hi There,
> 
> I'm looking at implementing some form of Auditing/logging for various components, with the main aim of having a full audit trail of all user actions, for various legal, and general troubleshooting/support purposes.
> 
> Firstly, I'm wondering if there's already an implementation of something like this, or an effort towards it. I've had a look, but didn't see anything relevant.
> 
> Secondly, I'm trying to work out the best approach to this. My first guess would be a WSGI middleware on all the APIs that logs every request, either to a message queue for log service to pull and put into a DB, or put it directly into a DB.
> 
> If done as middleware, I envisage it being quite a simple, lightweight one, as it only has to pull the needed data from the request before sending it on.
> 
> Any and all comments are welcome, I stumbled onto this idea this morning, so I've only had a few hours thinking about it while working on other things.
> 
> Thanks
> /Kieran
> _______________________________________________
> Mailing list: https://launchpad.net/~openstack
> Post to     : openstack@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~openstack
> More help   : https://help.launchpad.net/ListHelp
>