Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit log for WhoAmI request #2052

Closed
netacoral opened this issue Feb 25, 2021 · 2 comments · Fixed by #2061
Closed

Audit log for WhoAmI request #2052

netacoral opened this issue Feb 25, 2021 · 2 comments · Fixed by #2061
Assignees
@alexkalish @InbalZilberman
Labels
component/conjur kind/enhancement

Comments

@netacoral
Copy link

netacoral commented Feb 25, 2021
edited
Loading

Describe the solution you would like

I would like to add an enhancement to the audit log - create a log when using the WhoAmI request. The new log should have the following fields (example using JSON structure, but same fields should apply to syslog)

{
  "subject@43868": {
    "role": "demo:user:admin"
  },
  "auth@43868": {
    "user": "demo:user:admin"
  },
  "action@43868": {
    "result": "success",
    "operation": "check"
  },
  "PROGRAM": "conjur",
  "PID": "3490bfd0-75d1-4969-ac74-49ab3c48fc0d",
  "MSGID": "identity-check",
  "MESSAGE": "demo:user:admin checked their identity using WhoAmI",
  "LEVEL": "info",
  "ISODATE": "2020-04-15T15:56:53.771+00:00",
  "FACILITY": "auth"
}
@netacoral
Copy link
Author

@alexkalish could you please review?

@netacoral netacoral mentioned this issue Mar 7, 2021
Merged
8 tasks
@amosmintzcyberark
Copy link
Contributor

amosmintzcyberark commented Mar 8, 2021
edited
Loading

example json after review:

{
    "subject@43868": {
        "role": "CyberArk:user:admin"
    },
    "client@43868": {
        "ip": "172.17.0.1"
    },
    "auth@43868": {
        "user": "CyberArk:user:admin"
    },
    "action@43868": {
        "result": "success",
        "operation": "check"
    },
    "PROGRAM": "conjur",
    "PID": "8a5b09aa-532a-49ce-9c62-b0c503d8903a",
    "MSGID": "identity-check",
    "MESSAGE": "CyberArk:user:admin checked its identity using whoami",
    "LEVEL": "info",
    "ISODATE": "2021-03-07T16:00:39.625+00:00",
    "FACILITY": "auth"
}

@amosmintzcyberark amosmintzcyberark mentioned this issue Mar 17, 2021
Merged
8 tasks
@izgeri izgeri mentioned this issue Mar 30, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@alexkalish alexkalish

@InbalZilberman InbalZilberman

Labels
component/conjur kind/enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add audit message to whoami command cyberark/conjur
4 participants
@alexkalish @InbalZilberman @netacoral @amosmintzcyberark