Skip to content

Commit

Permalink
Update audit log configuration (#57)
Browse files Browse the repository at this point in the history 
With this commit we update the audit log configuration to the latest
upstream changes in Elasticsearch.
  • Loading branch information
@hub-cap
hub-cap committed Oct 26, 2020
1 parent c50cf90 commit 3d59034
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion cars/v1/x_pack/security/templates/config/log4j2.properties
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ appender.audit_rolling.name = audit_rolling
appender.audit_rolling.fileName = ${sys:es.logs.base_path}${sys:file.separator}${sys:es.logs.cluster_name}_audit.json
appender.audit_rolling.layout.type = PatternLayout
appender.audit_rolling.layout.pattern = {\
"@timestamp":"%d{ISO8601}"\
"type":"audit", \
"timestamp":"%d{yyyy-MM-dd'T'HH:mm:ss,SSSZ}"\
%varsNotEmpty{, "node.name":"%enc{%map{node.name}}{JSON}"}\
%varsNotEmpty{, "node.id":"%enc{%map{node.id}}{JSON}"}\
%varsNotEmpty{, "host.name":"%enc{%map{host.name}}{JSON}"}\
Expand All @@ -18,8 +19,11 @@ appender.audit_rolling.layout.pattern = {\
%varsNotEmpty{, "user.realm":"%enc{%map{user.realm}}{JSON}"}\
%varsNotEmpty{, "user.run_by.realm":"%enc{%map{user.run_by.realm}}{JSON}"}\
%varsNotEmpty{, "user.run_as.realm":"%enc{%map{user.run_as.realm}}{JSON}"}\
%varsNotEmpty{, "apikey.id":"%enc{%map{apikey.id}}{JSON}"}\
%varsNotEmpty{, "apikey.name":"%enc{%map{apikey.name}}{JSON}"}\
%varsNotEmpty{, "user.roles":%map{user.roles}}\
%varsNotEmpty{, "origin.type":"%enc{%map{origin.type}}{JSON}"}\
%varsNotEmpty{, "authentication.type":"%enc{%map{authentication.type}}{JSON}"}\
%varsNotEmpty{, "origin.address":"%enc{%map{origin.address}}{JSON}"}\
%varsNotEmpty{, "realm":"%enc{%map{realm}}{JSON}"}\
%varsNotEmpty{, "url.path":"%enc{%map{url.path}}{JSON}"}\
Expand Down

0 comments on commit 3d59034

Please sign in to comment.