
OpenShift is a family of containerization software has many add on features and advantages over Kubernetes. This article describes about OpenShift Auditing.
Topic
- How to enable OpenShift Auditing?
- Enable OpenShift Auditing
- How to Audit OpenShift
apt
- OpenShift 3.11
Solution
- Add the following configuration in /etc/origin/master/master-config.yaml file on the master node.
auditConfig:
auditFilePath: /var/lib/origin/log/ocp-audit.log
enabled: true
maximumFileRetentionDays: 5
maximumFileSizeMegabytes: 20
maximumRetainedFiles: 20
-
Above Audit configuration retains audit logs for 5 days and create log file upto 20MB of size and preserves last 20 rotated file.
-
Then restart api services.
# master-restart api; master-restart controllers
- Check /var/lib/origin/log/ocp-audit.log file on the master node for audit logs.
215067 461126Excellent weblog, Im going to spend a lot more time reading about this topic 237680