Ask Your Question
0

How do you log RBAC events with Keystone?

asked 2015-04-06 08:27:01 -0500

wbentley15 gravatar image

updated 2015-04-06 09:09:11 -0500

SGPJ gravatar image

Despite numerous attempts to enable the additional logging for Keystone found at - http://docs.openstack.org/openstack-ops/content/logging_monitoring.html...the only logging level I get in the logs is WARNING. Looking to log all RBAC events for auditing/security purposes. Anyone have success doing this?

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2015-04-06 23:39:55 -0500

If you are using Kilo ( I'm not sure whether RBAC events are in Juno), then RBAC events are emitted as CADAF events. Enable messaging in keystone, and configure rabbitmq. You can pick up the audit events for RBAC from rabbitmq.

Note, keystone event is chatty, you may want to consume and ignore unnecessary events

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2015-04-06 08:27:01 -0500

Seen: 55 times

Last updated: Apr 06 '15