← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #65302

[Bug 1688206] Re: Operations log polluted with policy requests

  Thread PreviousDate PreviousThread Next 
Reviewed:  https://review.openstack.org/462437
Committed: https://git.openstack.org/cgit/openstack/horizon/commit/?id=9242e4902ec7470f2819fa84ad964adbcdcf5eb2
Submitter: Jenkins
Branch:    master

commit 9242e4902ec7470f2819fa84ad964adbcdcf5eb2
Author: Mateusz Kowalski <mateusz.kowalski@xxxxxxx>
Date:   Thu May 4 10:26:56 2017 +0200

    operation_log: Add ignored_urls parameter
    
    Request URLs can be put in ignored_urls in OPERATION_LOG_OPTIONS
    in order to ignore them from auditing.
    
    Change-Id: I6673e765fd88bc4230a3b7ced2ee227669136bb2
    Closes-Bug: #1688206


** Changed in: horizon
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Dashboard (Horizon).
https://bugs.launchpad.net/bugs/1688206

Title:
  Operations log polluted with policy requests

Status in OpenStack Dashboard (Horizon):
  Fix Released

Bug description:
  Currently operations log is polluted with a lot of requests regarding
  policy enforcement which are not generated by the user explicitly,
  like in the following example:

  2017-05-04 10:09:51,683 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "modify_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]
  2017-05-04 10:09:51,687 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "add_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]
  2017-05-04 10:09:51,693 [Personal makowals] [e6721c4a-2600-4260-a6f3-e287c04c1a4c] [makowals] [https] [/project/images] [/api/policy/] [None] [POST] [200] [{"rules": [["image", "delete_image"]], "token": "********", "password": "********", "csrfmiddlewaretoken": "********"}]

  As for auditing purposes these requests have no value, it would make
  more sense to hide them by default or at least provide some
  configuration option (like 'ignored_urls') in order for the operator
  to be able to disable these entries.

To manage notifications about this bug go to:
https://bugs.launchpad.net/horizon/+bug/1688206/+subscriptions

References

  Thread PreviousDate PreviousThread Next