Project

General

Profile

Feature #6118

Auditing metadata changes

Added by Duncan Innes about 5 years ago. Updated about 1 year ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Difficulty:
Triaged:
Yes
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

One of the tools that will be incredibly helpful in corporate-land is the ability to view the entire history of data/state changes to a client and view rich metadata about the changes.

The obvious ones are:

  • Puppet manifests applied to client
  • Errata applied to client
  • Packages installed/removed/updated
  • Remote scripts scheduled (along with output)
  • Puppet manifests altered in Pulp (if that's how it goes)

but lesser changes should also be audited:

  • change to host/systemgroups
  • changes to any host/system details
  • changes to classes

Basically aiming to be able to fully identify the state of a client before & after every change that would affect it.

Data such as date/timestamp, userid, success/failure of the change.

Also previous state & new state (if applicable). It's useful to know that the hostgroup changed, but more useful to know what it changed from and to.

Output from remote scripts is provided via Satellite 5.x, but we cannot then sort a group based on the content of this output. The output also displays in the WebUI with multiple spaces concatenated (not checked the database, but the db entry and WebUI should show the same as a user would see at the console to be useful).

Duncan


Related issues

Related to Katello - Feature #5267: Integrate Foreman auditing into Katello's actionsNew2014-04-21
Related to Katello - Feature #4230: Content host action auditing neededNew2014-01-31

History

#2 Updated by Duncan Innes about 5 years ago

Something which just struck me (but isn't completely about auditing) is that remote commands are hard to search through when viewing a list of 30 remote commands on a system - all of which look the same in the list.

Remote commands could/should have an optional title for Admins to be able to enter. This could/would be displayed as part of the audit line so that specific remote commands can be picked out more easily.

i.e.

Summary Time
Run an arbitrary script scheduled by innesd 06/ 9/14 11:41:55 AM BST
Run an arbitrary script scheduled by innesd 06/ 9/14 11:41:42 AM BST
Deploy config files to system scheduled by innesd 06/ 9/14 11:41:20 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 10:21:35 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 10:17:58 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 9:22:43 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 9:09:33 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 9:09:26 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 9:09:20 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 9:09:13 AM BST

becomes:

Summary Owner Time
Run an arbitrary script (Space Check) innesd 06/ 9/14 11:41:55 AM BST
Run an arbitrary script (Memory Check) innesd 06/ 9/14 11:41:42 AM BST
Deploy config files to system innesd 06/ 9/14 11:41:20 AM BST
Run an arbitrary script (rpm -qa | grep ssl) innesd 06/ 4/14 10:21:35 AM BST
Run an arbitrary script (rpm -qa | grep ssl) innesd 06/ 4/14 10:17:58 AM BST
Run an arbitrary script (rpm -q openssl) innesd 06/ 4/14 9:22:43 AM BST
Run an arbitrary script (du -sk /var) innesd 06/ 4/14 9:09:33 AM BST
Run an arbitrary script (sosreport) innesd 06/ 4/14 9:09:26 AM BST
Run an arbitrary script (Clear /tmp) innesd 06/ 4/14 9:09:20 AM BST
Run an arbitrary script (Space Check) innesd 06/ 4/14 9:09:13 AM BST

#3 Updated by Dominic Cleal about 5 years ago

  • Project changed from Foreman to Katello
  • Category deleted (Audit Log)
  • Legacy Backlogs Release (now unused) deleted (10)
  • Triaged set to No

#4 Updated by Eric Helms over 4 years ago

  • Triaged changed from No to Yes

#5 Updated by Eric Helms over 4 years ago

  • Related to Feature #5267: Integrate Foreman auditing into Katello's actions added

#6 Updated by Eric Helms over 4 years ago

  • Related to Feature #4230: Content host action auditing needed added

#7 Updated by Eric Helms over 3 years ago

  • Legacy Backlogs Release (now unused) set to 114

Also available in: Atom PDF