Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-60423

[CBBS] Unauthorised access is not recorded in audit.log

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Minor
    • 7.6.3
    • 7.6.0
    • tools
    • Untriaged
    • 0
    • No

    Description

      Steps to reproduce:

       

      /opt/couchbase/bin/couchbase-cli setting-audit -c http://localhost -u Administrator -p password  --set --audit-enabled 1 
       
      		 
      curl -g -k -X PUT http://localhost:8097/api/v1/plan/BackupAndMergePlan -u Administrator:wrongpassword -d '{"name": "Backuptest","options": null,"full_backup": true},{"name": "test","task_type":"MERGE","full_backup":null}'
      		 
       
      		 
      cat /opt/couchbase/var/lib/couchbase/logs/audit.log

      The unauthorised access is reported in 7.2.4:

       

      {"description":"A user has been denied access to the REST API due to invalid permissions or credentials","id":45074,"local":{"ip":"::1","port":8097},"method":"PUT","name":"Access denied","real_userid":{"domain":"internal","user":"unknown"},"remote":{"ip":"::1","port":49804},"status":401,"timestamp":"2024-01-17T06:49:41.076-08:00"}

      It started before 7.6.0-1453 (I am trying to identify the exact build but it will take time).

       

      Server logs will be attached soon.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            Matt.Hall Matt Hall
            gilad.kalchheim Gilad Kalchheim
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty