yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #63781
[Bug 1688206] [NEW] Operations log polluted with policy requests
Public bug reported:
Currently operations log is polluted with a lot of requests regarding
policy enforcement which are not generated by the user explicitly, like
in the following example:
2017-05-04 10:09:51,683 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "modify_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]
2017-05-04 10:09:51,687 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "add_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]
2017-05-04 10:09:51,693 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "delete_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]
As for auditing purposes these requests have no value, it would make
more sense to hide them by default or at least provide some
configuration option (like 'ignored_urls') in order for the operator to
be able to disable these entries.
** Affects: horizon
Importance: Undecided
Assignee: Mateusz Kowalski (makowals)
Status: In Progress
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1688206
Title:
Operations log polluted with policy requests
Status in OpenStack Dashboard (Horizon):
In Progress
Bug description:
Currently operations log is polluted with a lot of requests regarding
policy enforcement which are not generated by the user explicitly,
like in the following example:
2017-05-04 10:09:51,683 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "modify_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]
2017-05-04 10:09:51,687 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "add_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]
2017-05-04 10:09:51,693 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "delete_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]
As for auditing purposes these requests have no value, it would make
more sense to hide them by default or at least provide some
configuration option (like 'ignored_urls') in order for the operator
to be able to disable these entries.
To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1688206/+subscriptions
Follow ups
