starlingx/docs
Code Issues Proposed changes
0acad2efc2
docs/doc/source/security/kubernetes/operator-login-authentication-logging.rst
Ron Stone d63e42ebeb Security Audit Logging 
Continuation of changes made under https://review.opendev.org/c/starlingx/docs/+/832841
(abandoned)
Add conditional text about log access via controllers.
Patchset 3 review updates.
Add conditionalization.

Story: 2009824
Task: 45043

Signed-off-by: Ron Stone <ronald.stone@windriver.com>
Change-Id: I4e9a1a9e0940ffc15a71cea954062d7c42a88e81
2022-05-03 07:34:25 -04:00

1.1 KiB
Raw Blame History

Operator Login/Authentication Logging

logs all operator login and authentication attempts.

For security purposes, all login attempts (success and failure) are logged. This includes the Horizon Web Interface logins, SSH logins, Local Console Logins and internal database login attempts.

The logs include the timestamp, user name, remote IP Address, and number of failed login attempts (if applicable). They are located under the /var/log directory, and include the following:

  • /var/log/auth.log
  • /var/log/horizon.log
  • /var/log/pmond.log
  • /var/log/hostwd.log
  • /var/log/sysinv.log
  • /var/log/user.log
  • /var/log/ima.log

partner

starlingx

You can examine the log files locally on the controllers.