[Freeipa-users] Add IP-address client to error-log file
Rob Crittenden
rcritten at redhat.com
Thu Feb 16 15:13:50 UTC 2017
Alexandr Slavov wrote:
> Thanks for your response.
> I was added custom ErrorLogFormat , but not resolved.
> I think this is python output information.
>
> Can your have any idea?
>
> Where can I open ticket about add this?
For the short term https://fedorahosted.org/freeipa/newticket
You need a FAS (Fedora Account) to open one.
rob
>
> Alexandr Slavov wrote:
> > Hello all.
> > We use CentOS 7 ,FreeIPA 4.4, Apache 2.4
> > We installed audit system like
> > http://www.freeipa.org/page/Centralized_Logging for monitoring "Who's
> > What's Doing".
> > Audit system parsing /var/log/httpd/error_log and logging to Elasticsearch.
> >
> > Some string for Remove user from group in FreeIPA from
> > /var/log/httpd/error_log:
> > [Wed Feb 15 03:46:07.381231 2017] [:error] [pid 31732] ipa: INFO:
> > admin-user at DOMAIN.COM <mailto:admin-user at DOMAIN.COM>: batch: group_remove_member(u'somegroup',
> > user=u'someuser'): SUCCESS
> >
> > Parsed string loaded in Elasticsearch:
> > {
> > "_index": "logstash-2017.02.15",
> > "_type": "events",
> > "_id": "Uniq-ID",
> > "_score": null,
> > "_source": {
> > "timestamp": "2017-02-15T03:46:08-06:00",
> > "status": "SUCCESS",
> > "parameters": "'u'somegroup', user=u'someuser'",
> > "action": "group_remove_member",
> > "principal": "admin-user at DOMAIN.COM",
> > "pid": "31732",
> > "event.tags": [
> > "ipa",
> > "ipa-call",
> > "batch"
> > ],
> > "host": "server-1",
> > "facility": "local0",
> > "severity": "notice",
> > "tag": "httpderror",
> > "message": " [Wed Feb 15 03:46:07.381231 2017] [:error] [pid 31732]
> > ipa: INFO: admin-user at DOMAIN.COM <mailto:admin-user at DOMAIN.COM>: batch:
> > group_remove_member(u'somegroup', user=u'someuser'): SUCCESS"
> > },
> > "fields": {
> > "timestamp": [
> > 1487151968000
> > ]
> > },
> > "sort": [
> > 1487151968000
> > ]
> > }
> >
> >
> > But we need add IP-address of admin-user at DOMAIN.COM <mailto:admin-user at DOMAIN.COM> outputting to
> > error_log. How can add IP-address to this error_log file ?
>
> See https://httpd.apache.org/docs/2.4/mod/core.html#errorlogformat
>
> You'd have to manually configure this on each master and ensure that it
> survives IPA updates.
>
> Alternatively you can open a ticket asking IPA to add this.
>
> rob
>
More information about the Freeipa-users
mailing list