Details
Description
Build - 4.0.0-2213
Steps performed -
1. Cluster of 6 nodes with different services running
2. Enabled "Audit configuration" logging /opt/couchbase/var/lib/couchbase/logs
3. Deleted existing XDCR replication
4. Created new Read-Only user account
Expected on audit.log file -
- log for deleted replication [Success]
- log for new account read-only user [Failed]
Here is the logs :
{"timestamp":"2015-05-27T17:05:51.649358-07:00","real_userid":
,"auditd_enabled":true,"descriptors_path":"/opt/couchbase/etc/security","hostname":"cranberry-h21220","log_path":"/opt/couchbase/var/lib/couchbase/logs","rotate_interval":86400,"version":1,"id":4096,"name":"configured audit daemon","description":"loaded configuration file for audit daemon"}
{"timestamp":"2015-05-27T17:05:56.148-07:00","real_userid":
,"local_cluster_name":"10.5.2.237:8091","source_bucket_name":"default","remote_cluster_name":"NYC_DC","target_bucket_name":"default","id":16390,"name":"replication cancellation","description":"canceled replication"}
{"timestamp":"2015-05-27T17:05:57.815-07:00","real_userid":
,"local_cluster_name":"10.5.2.237:8091","source_bucket_name":"travel-sample","remote_cluster_name":"NYC_DC","target_bucket_name":"airline","id":16390,"name":"replication cancellation","description":"canceled replication"}
{"timestamp":"2015-05-27T17:05:59.632-07:00","real_userid":
,"local_cluster_name":"10.5.2.237:8091","source_bucket_name":"travel-sample","remote_cluster_name":"NYC_DC","target_bucket_name":"airport","id":16390,"name":"replication cancellation","description":"canceled replication"}
{"timestamp":"2015-05-27T17:06:01.204-07:00","real_userid":
,"local_cluster_name":"10.5.2.237:8091","source_bucket_name":"default","remote_cluster_name":"NYC_DC","target_bucket_name":"test_filter","id":16390,"name":"replication cancellation","description":"canceled replication"}
{"userid":"ro_user","role":"ro_admin","real_userid":
,"sessionid":"e29e21ddc03105c8ae7b19fd6f52e12c","remote":
{"ip":"10.17.2.103","port":63055},"timestamp":"2015-05-27T17:06:37.923-07:00","id":8195,"name":"user credentials change","description":"User credentials were changed"}
Expected:
{"userid":"ro_user","role":"ro_admin","real_userid":
{"source":"ns_server","user":"Administrator"},"sessionid":"e29e21ddc03105c8ae7b19fd6f52e12c","remote":
{"ip":"10.17.2.103","port":63055},"timestamp":"2015-05-27T17:06:37.923-07:00","id":8195,"name":"new ro_user user created","description":"Read-Only account created"}