Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-30403

Internal user shown in audit logs for document read via UI

    XMLWordPrintable

Details

    • Untriaged
    • Unknown

    Description

      -Create user with query select and document read roles for travel - sample bucket

      -Turn on auditing for document read events

      -Login as user and browse to doc editor

      -See audit entries naming ns_server as user:

      {"timestamp":"2018-07-09T16:59:55.616560Z","peername":"127.0.0.1:54187","sockname":"127.0.0.1:11209","real_userid":{"domain":"memcached","user":"@ns_server"},"bucket":"travel-sample","key":"<ud>airline_10</ud>","id":20488,"name":"document read","description":"Document was read"}

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          Sharal Sonia What are your thoughts on whether or not the proposed change should go into Mad-Hatter?   Let me know if you'd like to chat about this and I'll arrange a call.

          steve.watanabe Steve Watanabe added a comment - Sharal Sonia  What are your thoughts on whether or not the proposed change should go into Mad-Hatter?   Let me know if you'd like to chat about this and I'll arrange a call.

          Perry Krug, Dave F. and I discussed this issue today and would like to move forward with the change. Have you had a chance to ping the customers who originally wanted auditing to see if READ was also something they would like? If that is the case it would help put some addition push for the change.

          steve.watanabe Steve Watanabe added a comment - Perry Krug , Dave F. and I discussed this issue today and would like to move forward with the change. Have you had a chance to ping the customers who originally wanted auditing to see if READ was also something they would like? If that is the case it would help put some addition push for the change.
          perry Perry Krug added a comment -

          Thanks Steve Watanabe, yes read auditing is definitely what they are interested in.

           

          Thank you

          perry Perry Krug added a comment - Thanks Steve Watanabe , yes read auditing is definitely what they are interested in.   Thank you

          Build couchbase-server-6.5.0-4070 contains ns_server commit 5a28ca4 with commit message:
          MB-30403 Display user name in doc read audit event

          build-team Couchbase Build Team added a comment - Build couchbase-server-6.5.0-4070 contains ns_server commit 5a28ca4 with commit message: MB-30403 Display user name in doc read audit event
          thuan Thuan Nguyen added a comment -

          Verified on build 6.5.0-4908

           grep query audit.log 
          {"description":"Successful login to couchbase cluster","id":8192,"name":"login success","real_userid":{"domain":"local","user":"query"},"remote":{"ip":"10.100.174.70","port":59595},"roles":["query_delete[travel-sample]","query_insert[travel-sample]","query_manage_index[travel-sample]","query_select[travel-sample]","query_update[travel-sample]"],"sessionid":"8ff0bc571537e39265e05b742c941a49","timestamp":"2019-12-03T16:07:16.122-08:00"}
          {"bucket_name":"travel-sample","description":"Document was mutated via the REST API","doc_id":"<ud>test</ud>","id":8243,"name":"mutate document","operation":"set","real_userid":{"domain":"local","user":"query"},"remote":{"ip":"10.100.174.70","port":59610},"sessionid":"8ff0bc571537e39265e05b742c941a49","timestamp":"2019-12-03T16:07:35.529-08:00"}
          {"description":"Successful logout of couchbase cluster","id":8256,"name":"logout success","real_userid":{"domain":"local","user":"query"},"remote":{"ip":"10.100.174.70","port":59649},"sessionid":"8ff0bc571537e39265e05b742c941a49","timestamp":"2019-12-03T16:07:57.303-08:00"}
          [root@s44016 logs]# 
          

          thuan Thuan Nguyen added a comment - Verified on build 6.5.0-4908 grep query audit.log {"description":"Successful login to couchbase cluster","id":8192,"name":"login success","real_userid":{"domain":"local","user":"query"},"remote":{"ip":"10.100.174.70","port":59595},"roles":["query_delete[travel-sample]","query_insert[travel-sample]","query_manage_index[travel-sample]","query_select[travel-sample]","query_update[travel-sample]"],"sessionid":"8ff0bc571537e39265e05b742c941a49","timestamp":"2019-12-03T16:07:16.122-08:00"} {"bucket_name":"travel-sample","description":"Document was mutated via the REST API","doc_id":"<ud>test</ud>","id":8243,"name":"mutate document","operation":"set","real_userid":{"domain":"local","user":"query"},"remote":{"ip":"10.100.174.70","port":59610},"sessionid":"8ff0bc571537e39265e05b742c941a49","timestamp":"2019-12-03T16:07:35.529-08:00"} {"description":"Successful logout of couchbase cluster","id":8256,"name":"logout success","real_userid":{"domain":"local","user":"query"},"remote":{"ip":"10.100.174.70","port":59649},"sessionid":"8ff0bc571537e39265e05b742c941a49","timestamp":"2019-12-03T16:07:57.303-08:00"} [root@s44016 logs]#

          People

            thuan Thuan Nguyen
            perry Perry Krug
            Votes:
            0 Vote for this issue
            Watchers:
            8 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty