Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-29525

KV Audit - filter out internal users

    XMLWordPrintable

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 5.5.0
    • 5.5.6
    • ns_server

    Description

      When using KV audit in Couchbase Server 5.5 Beta, there's a lot of noise when eventing is deployed as there's a steady stream of reads/writes to its 'metadata' bucket.  It would be useful to be able to filter out internal users such as @eventing. 

      {"timestamp":"2018-05-03T23:29:17.539938Z","peername":"127.0.0.1:54376","sockname":"127.0.0.1:11210","real_userid":{"source":"memcached","user":"@eventing"},"bucket":"beer-sample-metadata","key":"<ud>add_timer_before_expiry::vb::852</ud>","id":20490,"name":"document modify","description":"Document was modified"}
      {"timestamp":"2018-05-03T23:29:17.551977Z","peername":"127.0.0.1:54372","sockname":"127.0.0.1:11210","real_userid":{"source":"memcached","user":"@eventing"},"bucket":"beer-sample-metadata","key":"<ud>add_timer_before_expiry::vb::97</ud>","id":20490,"name":"document modify","description":"Document was modified"}
      {"timestamp":"2018-05-03T23:29:17.552022Z","peername":"127.0.0.1:54372","sockname":"127.0.0.1:11210","real_userid":{"source":"memcached","user":"@eventing"},"bucket":"beer-sample-metadata","key":"<ud>add_timer_before_expiry::vb::97</ud>","id":20490,"name":"document modify","description":"Document was modified"}
      {"timestamp":"2018-05-03T23:29:17.557483Z","peername":"127.0.0.1:54376","sockname":"127.0.0.1:11210","real_userid":{"source":"memcached","user":"@eventing"},"bucket":"beer-sample-metadata","key":"<ud>add_timer_before_expiry::vb::925</ud>","id":20490,"name":"document modify","description":"Document was modified"}
      {"timestamp":"2018-05-03T23:29:17.557522Z","peername":"127.0.0.1:54376","sockname":"127.0.0.1:11210","real_userid":{"source":"memcached","user":"@eventing"},"bucket":"beer-sample-metadata","key":"<ud>add_timer_before_expiry::vb::925</ud>","id":20490,"name":"document modify","description":"Document was modified"}
      {"timestamp":"2018-05-03T23:29:17.562657Z","peername":"127.0.0.1:54372","sockname":"127.0.0.1:11210","real_userid":{"source":"memcached","user":"@eventing"},"bucket":"beer-sample-metadata","key":"<ud>add_timer_before_expiry::vb::277</ud>","id":20490,"name":"document modify","description":"Document was modified"}

       

      Attachments

        Issue Links

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            trond Trond Norbye added a comment -

            There is no hard coded filter rules in the audit daemon (nor do we want any), and all events is filtered based on the configuration provided

            trond Trond Norbye added a comment - There is no hard coded filter rules in the audit daemon (nor do we want any), and all events is filtered based on the configuration provided

            Build couchbase-server-5.5.6-4722 contains ns_server commit 50e5636 with commit message:
            MB-29525: Permit internal users in /settings/audit

            build-team Couchbase Build Team added a comment - Build couchbase-server-5.5.6-4722 contains ns_server commit 50e5636 with commit message: MB-29525 : Permit internal users in /settings/audit

            Build couchbase-server-6.5.0-4389 contains ns_server commit 50e5636 with commit message:
            MB-29525: Permit internal users in /settings/audit

            build-team Couchbase Build Team added a comment - Build couchbase-server-6.5.0-4389 contains ns_server commit 50e5636 with commit message: MB-29525 : Permit internal users in /settings/audit

            Build couchbase-server-6.0.3-2888 contains ns_server commit 50e5636 with commit message:
            MB-29525: Permit internal users in /settings/audit

            build-team Couchbase Build Team added a comment - Build couchbase-server-6.0.3-2888 contains ns_server commit 50e5636 with commit message: MB-29525 : Permit internal users in /settings/audit
            ritam.sharma Ritam Sharma added a comment -

            @ns_server/couchbase,@eventing/couchbase,@cbq-engine/couchbase,@ns_server/couchbase,@index/couchbase,@projector/couchbase,@fts/couchbase,@goxdcr/couchbase

            ritam.sharma Ritam Sharma added a comment - @ns_server/couchbase,@eventing/couchbase,@cbq-engine/couchbase,@ns_server/couchbase,@index/couchbase,@projector/couchbase,@fts/couchbase,@goxdcr/couchbase

            People

              ritam.sharma Ritam Sharma
              ianmccloy Ian McCloy
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Gerrit Reviews

                  There are no open Gerrit changes

                  PagerDuty