How to enable OpenShift Auditing

OpenShift

OpenShift is a family of containerization software has many add on features and advantages over Kubernetes. This article describes about OpenShift Auditing.

Topic

  • How to enable OpenShift Auditing?
  • Enable OpenShift Auditing
  • How to Audit OpenShift

apt

  • OpenShift 3.11

Solution


  • Add the following configuration in /etc/origin/master/master-config.yaml file on the master node.
auditConfig:
  auditFilePath: /var/lib/origin/log/ocp-audit.log
  enabled: true
  maximumFileRetentionDays: 5
  maximumFileSizeMegabytes: 20
  maximumRetainedFiles: 20

  • Above Audit configuration retains audit logs for 5 days and create log file upto 20MB of size and preserves last 20 rotated file.

  • Then restart api services.

# master-restart api; master-restart controllers

  • Check /var/lib/origin/log/ocp-audit.log file on the master node for audit logs.

You May Also Like

avatar

About the Author: TekFik

TekFik is a technical blogging site helps techies and engineers to solve their day to day issues and also allows everyone to share knowledge and feedback. Please feel free to contact us at tekfik.rd@gmail.com if there is anything.

1 Comment

Leave a Reply

Your email address will not be published. Required fields are marked *