[Freeipa-users] Add IP-address client to error-log file

Rob Crittenden rcritten at redhat.com
Thu Feb 16 15:13:50 UTC 2017 

Alexandr Slavov wrote:
> Thanks   for your response.
> I was added custom ErrorLogFormat  , but not resolved.
> I think this is python output information.
> 
> Can your have any idea?
> 
> Where can I open ticket about add this?

For the short term https://fedorahosted.org/freeipa/newticket

You need a FAS (Fedora Account) to open one.

rob

> 
>     Alexandr Slavov wrote:
>     > Hello all.
>     > We use CentOS 7 ,FreeIPA 4.4, Apache 2.4
>     > We installed audit system like
>     > http://www.freeipa.org/page/Centralized_Logging  for monitoring "Who's
>     > What's Doing".
>     > Audit system parsing /var/log/httpd/error_log and logging to Elasticsearch.
>     > 
>     > Some string for Remove user from group in FreeIPA from
>     > /var/log/httpd/error_log:
>     > [Wed Feb 15 03:46:07.381231 2017] [:error] [pid 31732] ipa: INFO:
>     > admin-user at DOMAIN.COM <mailto:admin-user at DOMAIN.COM>: batch: group_remove_member(u'somegroup',
>     > user=u'someuser'): SUCCESS
>     > 
>     > Parsed string loaded in Elasticsearch:
>     > {
>     >   "_index": "logstash-2017.02.15",
>     >   "_type": "events",
>     >   "_id": "Uniq-ID",
>     >   "_score": null,
>     >   "_source": {
>     >     "timestamp": "2017-02-15T03:46:08-06:00",
>     >     "status": "SUCCESS",
>     >     "parameters": "'u'somegroup', user=u'someuser'",
>     >     "action": "group_remove_member",
>     >     "principal": "admin-user at DOMAIN.COM",
>     >     "pid": "31732",
>     >     "event.tags": [
>     >       "ipa",
>     >       "ipa-call",
>     >       "batch"
>     >     ],
>     >     "host": "server-1",
>     >     "facility": "local0",
>     >     "severity": "notice",
>     >     "tag": "httpderror",
>     >     "message": " [Wed Feb 15 03:46:07.381231 2017] [:error] [pid 31732]
>     > ipa: INFO: admin-user at DOMAIN.COM <mailto:admin-user at DOMAIN.COM>: batch:
>     > group_remove_member(u'somegroup', user=u'someuser'): SUCCESS"
>     >   },
>     >   "fields": {
>     >     "timestamp": [
>     >       1487151968000
>     >     ]
>     >   },
>     >   "sort": [
>     >     1487151968000
>     >   ]
>     > }
>     > 
>     > 
>     > But we need add IP-address of admin-user at DOMAIN.COM <mailto:admin-user at DOMAIN.COM>  outputting to
>     > error_log.  How can  add IP-address to this error_log file ?
> 
>     See https://httpd.apache.org/docs/2.4/mod/core.html#errorlogformat
> 
>     You'd have to manually configure this on each master and ensure that it
>     survives IPA updates.
> 
>     Alternatively you can open a ticket asking IPA to add this.
> 
>     rob
>

More information about the Freeipa-users mailing list