Jeff Mitchell
22528daac6
Add 'discard' target to file audit backend ( #3262 )
...
Fixes #seth
2017-08-30 19:16:47 -04:00
Christopher Pauley
f2d452b5e1
stdout support for file backend via logger ( #3235 )
2017-08-29 14:51:16 -04:00
Tommy Murphy
57aac16cd2
audit: support a configurable prefix string to write before each message ( #2359 )
...
A static token at the beginning of a log line can help systems parse
logs better. For example, rsyslog and syslog-ng will recognize the
'@cee: ' prefix and will parse the rest of the line as a valid json message.
This is useful in environments where there is a mix of structured and
unstructured logs.
2017-02-10 16:56:28 -08:00
Brian Kassouf
f5739bee4f
Added a warning about the dropped socket connection edge case
2017-02-07 11:06:36 -08:00
Brian Kassouf
17d00d9548
Add info about UNIX sockets
2017-02-06 15:56:58 -08:00
Brian Kassouf
aa32568aa9
Update the docs and move the logic for reconnecting into its own function
2017-02-04 16:55:17 -08:00
Harrison Harnisch
6da4806582
add socket audit backend
2017-02-02 14:21:48 -08:00
vishalnayak
30a67c13fb
Fix file_path argument in audit's index.html
2017-01-18 21:43:29 -05:00
Raja Nadar
d0c6767156
doc: syslog change data type from bool to string ( #1998 )
2016-10-26 16:18:31 -04:00
Raja Nadar
b8c492f8c6
doc: change data type from boolean to string ( #1997 )
...
the api doesn't accept the boolean value. it needs a string containing a boolean value.
2016-10-26 11:29:42 -04:00
Laura Bennett
3bf0520bbb
address feedback
2016-10-09 22:23:30 -04:00
Laura Bennett
a8813c4ff2
changes for 'mode'
2016-10-08 19:52:49 -04:00
Laura Bennett
487f0d74c1
website documentation update
2016-10-07 15:48:29 -04:00
Jeff Mitchell
905d01cf8e
Update changelog and website for GH-1958
2016-09-30 15:08:38 -04:00
Jeff Mitchell
8482118ac6
Transit and audit enhancements
2016-09-21 10:49:26 -04:00
Laura Bennett
f8bc3b125e
website update for request uuuid
2016-07-24 21:23:12 -04:00
Gérard de Vos
57215ac0aa
Update index.html.md
...
According to the source it is expecting a description. log_raw is one of the options.
2016-03-31 14:19:03 +02:00
Gérard de Vos
f0e3d4abb3
Update index.html.md
...
description -> log_raw
2016-03-31 14:06:19 +02:00
vishalnayak
26ae455234
Fix audit docs
2016-03-30 00:54:40 -04:00
vishalnayak
bac4fe0799
Rename id to path and path to file_path, print audit backend paths
2016-03-14 17:15:07 -04:00
Jeff Mitchell
9609f4bb78
s/hash_accessor/hmac_accessor/g
2016-03-14 14:52:29 -04:00
vishalnayak
65bef4014d
Remove redundant variables
2016-03-11 21:36:38 -05:00
vishalnayak
2275c3b844
Doc update for syslog and file backends
2016-03-11 21:14:39 -05:00
Jeff Mitchell
49d525ebf3
Reintroduce the ability to look up obfuscated values in the audit log
...
with a new endpoint '/sys/audit-hash', which returns the given input
string hashed with the given audit backend's hash function and salt
(currently, always HMAC-SHA256 and a backend-specific salt).
In the process of adding the HTTP handler, this also removes the custom
HTTP handlers for the other audit endpoints, which were simply
forwarding to the logical system backend. This means that the various
audit functions will now redirect correctly from a standby to master.
(Tests all pass.)
Fixes #784
2015-11-18 20:26:03 -05:00
Jeff Mitchell
7d03d63bfe
Update audit documentation around what hash is used
2015-11-18 10:42:42 -05:00
Emil Hessman
79b098b89e
website: address minor doc typos
2015-04-28 20:32:04 +02:00
Armon Dadgar
1530403a04
audit/file: add log_raw parameter and default to hashing
2015-04-27 15:56:41 -07:00
Armon Dadgar
91730ae8af
website: Adding the syslog audit backend
2015-04-27 15:56:41 -07:00
Mitchell Hashimoto
8436264a9b
website: clarify that secrets are no longer stored in audit logs
2015-04-21 16:23:16 +01:00
Mitchell Hashimoto
7f410be198
website: audit backends
2015-04-19 22:59:39 -07:00
