Feature #6118
closed
Auditing metadata changes
Added by Duncan Innes over 10 years ago.
Updated about 5 years ago.
Description
One of the tools that will be incredibly helpful in corporate-land is the ability to view the entire history of data/state changes to a client and view rich metadata about the changes.
The obvious ones are:
- Puppet manifests applied to client
- Errata applied to client
- Packages installed/removed/updated
- Remote scripts scheduled (along with output)
- Puppet manifests altered in Pulp (if that's how it goes)
but lesser changes should also be audited:
- change to host/systemgroups
- changes to any host/system details
- changes to classes
Basically aiming to be able to fully identify the state of a client before & after every change that would affect it.
Data such as date/timestamp, userid, success/failure of the change.
Also previous state & new state (if applicable). It's useful to know that the hostgroup changed, but more useful to know what it changed from and to.
Output from remote scripts is provided via Satellite 5.x, but we cannot then sort a group based on the content of this output. The output also displays in the WebUI with multiple spaces concatenated (not checked the database, but the db entry and WebUI should show the same as a user would see at the console to be useful).
Duncan
Something which just struck me (but isn't completely about auditing) is that remote commands are hard to search through when viewing a list of 30 remote commands on a system - all of which look the same in the list.
Remote commands could/should have an optional title for Admins to be able to enter. This could/would be displayed as part of the audit line so that specific remote commands can be picked out more easily.
i.e.
Summary Time
Run an arbitrary script scheduled by innesd 06/ 9/14 11:41:55 AM BST
Run an arbitrary script scheduled by innesd 06/ 9/14 11:41:42 AM BST
Deploy config files to system scheduled by innesd 06/ 9/14 11:41:20 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 10:21:35 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 10:17:58 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 9:22:43 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 9:09:33 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 9:09:26 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 9:09:20 AM BST
Run an arbitrary script scheduled by innesd 06/ 4/14 9:09:13 AM BST
becomes:
Summary Owner Time
Run an arbitrary script (Space Check) innesd 06/ 9/14 11:41:55 AM BST
Run an arbitrary script (Memory Check) innesd 06/ 9/14 11:41:42 AM BST
Deploy config files to system innesd 06/ 9/14 11:41:20 AM BST
Run an arbitrary script (rpm -qa | grep ssl) innesd 06/ 4/14 10:21:35 AM BST
Run an arbitrary script (rpm -qa | grep ssl) innesd 06/ 4/14 10:17:58 AM BST
Run an arbitrary script (rpm -q openssl) innesd 06/ 4/14 9:22:43 AM BST
Run an arbitrary script (du -sk /var) innesd 06/ 4/14 9:09:33 AM BST
Run an arbitrary script (sosreport) innesd 06/ 4/14 9:09:26 AM BST
Run an arbitrary script (Clear /tmp) innesd 06/ 4/14 9:09:20 AM BST
Run an arbitrary script (Space Check) innesd 06/ 4/14 9:09:13 AM BST
- Project changed from Foreman to Katello
- Category deleted (
Audit Log)
- Translation missing: en.field_release deleted (
10)
- Triaged set to No
- Triaged changed from No to Yes
- Related to Feature #5267: Integrate Foreman auditing into Katello's actions added
- Related to Feature #4230: Content host action auditing needed added
- Translation missing: en.field_release set to 114
- Status changed from New to Rejected
- Target version deleted (
Katello Backlog)
Thanks for reporting this issue. This issue was created over 4 years ago and hasn't seen an update in 1 year. We are closing this in an effort to keep a realistic backlog. Please open up a new issue that includes a link to this issue if you feel this still needs to be addressed. We can then triage the new issue and reassess.
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by