How to find out who's logged into Horizon ?

asked 2015-01-24 13:53:28 -0600

neerbeer gravatar image

updated 2015-01-24 13:55:57 -0600

I'm running juno/ubuntu/keystone v3 and would like to know where to find the audit trail of who's logged into horizon and when. I've checked keystone logs and I see when RBAC events occur ( create_user, create_project, etc ) but I don't see any login info there. Keystone is running in debug mode btw and tokens/users are stored in mysql. There is no ldap or other identity backend.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2015-01-24 14:22:11 -0600

A user is really never logged in per say. A user uses their password to get a token and then that token is used to execute api calls until that token expires (time to expire is defined in keystone.conf).

Everything is really stateless in Openstack.

Horizon will cache the token so not to force the user to enter the password to generate a new token for every request.

If Horizon is backed by apache and horizon is running in debug mode (/etc/openstack_dashboard/ then in /var/log/apache/error.log you will a message like "user xxxx successfully authenticated" .

You can run Ceilometer and configure keystone to send events to Ceilometer and that way you can see when users auth against keystone.

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools



Asked: 2015-01-24 13:53:28 -0600

Seen: 1,161 times

Last updated: Jan 24 '15