Details
Bug
Resolution: Fixed
Critical
7.1.0
centos 7 64 bit; CB EE 7.1.0-1985
Untriaged
1
Unknown
Description
For example:
In the audit settings, if one disables audit for user "sumedh/couchbase", the name gets printed in the system event log. Something like this:
[{"timestamp":"2022-01-10T06:30:46.872Z","uuid":"633156f6-b283-056c-4be6-2d76bcdd17ca","event_id":10243,"component":"views","description":"view engine settings changed","severity":"info","extra_attributes":{"section":"security","key":"audit","old_value":"[{audit_enabled,true},\n {disabled_users,[{\"sumedh\",local}]},\n {enabled_events,[20480,20482,20483,20485,20488,20489,20490,20491,20492,20493,\n 20494,32768,32769,32773,32774,32775,32776,32777,32778,32779,\n 32781,32784,32789,32790,32791,32792,32794,32797,36865,36866,\n 40960,40961,40962,40964,40966,45056,45058,45059,45060,45062,\n 45063,45064,45065,45067,45068,45069,45071,45072,45073,\n 45074]}]","new_value":"[{audit_enabled,false},\n {disabled_users,[{\"sumedh\",local}]}
And the PRD says that:
Usernames, Passwords, Certificates, Document IDs, Document Keys and Values, Email Addresses and other sensitive data are absolutely not allowed to be stored in the System Event Log.
Ns-server encodes users (or uses UUID in place of names). Something like this:
"extra_attributes":{"user":"Cr9YfZyUGVZwVT6rilEXSG/J29B8ZdZVq8dGs7QeTt0=","domain":"local"}}]
So maybe something like that needs to be done here too, I think.
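
A sketch of that treatment applied to the settings-change event, plus a check that flags events still carrying a clear-text name. This is an added example, not Couchbase code: the keyed SHA-256 encoding, the salt and all function names are assumptions (the ticket does not say how ns_server derives its encoded value), and the sample event is constructed from the one quoted above.

```python
import base64, hashlib, hmac, json, re

# Assumption: a per-cluster secret so encoded names cannot be looked up offline.
CLUSTER_SALT = b"constructed-example-salt"

# Matches Erlang-term user entries such as {"sumedh",local} in a settings string.
USER_TERM = re.compile(r'\{"([^"]+)",([a-z]+)\}')

def encode_user(name):
    """Keyed SHA-256 of the username, base64-encoded (44 characters)."""
    digest = hmac.new(CLUSTER_SALT, name.encode("utf-8"), hashlib.sha256).digest()
    return base64.b64encode(digest).decode("ascii")

def redact_settings(value):
    """Replace the name in every {"name",domain} entry with its encoded form."""
    return USER_TERM.sub(
        lambda m: '{"%s",%s}' % (encode_user(m.group(1)), m.group(2)), value)

def redact_event(event):
    """Return a copy of the event with names in old_value/new_value encoded."""
    attrs = dict(event.get("extra_attributes", {}))
    for key in ("old_value", "new_value"):
        if isinstance(attrs.get(key), str):
            attrs[key] = redact_settings(attrs[key])
    return {**event, "extra_attributes": attrs}

def find_plain_usernames(event, known_users):
    """Names from known_users that appear anywhere in the serialized event."""
    blob = json.dumps(event)
    return [u for u in known_users if u in blob]

# Constructed sample, shortened from the event in the description.
SAMPLE_EVENT = {
    "event_id": 10243,
    "component": "views",
    "description": "view engine settings changed",
    "extra_attributes": {
        "section": "security",
        "key": "audit",
        "old_value": '[{audit_enabled,true},\n {disabled_users,[{"sumedh",local}]}]',
        "new_value": '[{audit_enabled,false},\n {disabled_users,[{"sumedh",local}]}]',
    },
}

if __name__ == "__main__":
    print(find_plain_usernames(SAMPLE_EVENT, ["sumedh"]))   # name present before redaction
    print(json.dumps(redact_event(SAMPLE_EVENT), indent=1))
```

A check like `find_plain_usernames` can run in a test suite against every emitted system event, using the test cluster's user list, so a regression of this kind fails the build.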