Merge pull request #96987 from openshift-cherrypick-robot/cherry-pick-96800-to-enterprise-4.20

[enterprise-4.20] OBSDOCS-2214: Change module type for metrics server audit logs module

modules/monitoring-configuring-audit-logs-for-metrics-server.adoc

@@ -2,23 +2,37 @@
 //
 // * observability/monitoring/configuring-the-monitoring-stack.adoc
 
-:_mod-docs-content-type: CONCEPT
+:_mod-docs-content-type: PROCEDURE
 [id="configuring-audit-logs-for-metrics-server_{context}"]
 = Configuring audit logs for Metrics Server
 
 You can configure audit logs for Metrics Server to help you troubleshoot issues with the server. 
 Audit logs record the sequence of actions in a cluster. It can record user, application, or control plane activities.
 
-You can set audit log rules, which determine what events are recorded and what data they should include. This can be achieved with the following audit profiles:
+You can configure audit log rules to record specific events and a subset of associated data. The following audit profiles define configuration rules:
 
-* *Metadata (default)*: This profile enables the logging of event metadata including user, timestamps, resource, and verb. It does not record request and response bodies.
-* *Request*: This enables the logging of event metadata and request body, but it does not record response body. This configuration does not apply for non-resource requests.
-* *RequestResponse*: This enables the logging of event metadata, and request and response bodies. This configuration does not apply for non-resource requests.
-* *None*: None of the previously described events are recorded.
+* `Metadata` (default): This profile logs event metadata including user, timestamps, resource, and verb. It does not record request and response bodies.
+* `Request`: This profile logs event metadata and request body, but it does not record response body. This configuration does not apply to non-resource requests.
+* `RequestResponse`: This profile logs event metadata, and request and response bodies. This configuration does not apply to non-resource requests.
+* `None`: None of the previously described events are recorded.
 
-You can configure the audit profiles by modifying the `cluster-monitoring-config` config map.
-The following example sets the profile to `Request`, allowing the logging of event metadata and request body for Metrics Server:
+.Prerequisites
 
+* You have access to the cluster as a user with the `cluster-admin` cluster role.
+* You have created the `cluster-monitoring-config` `ConfigMap` object.
+* You have installed the {oc-first}.
+
+.Procedure
+
+. Edit the `cluster-monitoring-config` config map in the `openshift-monitoring` project:
++
+[source,terminal]
+----
+$ oc -n openshift-monitoring edit configmap cluster-monitoring-config
+----
+
+. Add audit log configuration for Metrics Server under `data/config.yaml`:
++
 [source,yaml]
 ----
 apiVersion: v1
@@ -30,5 +44,21 @@ data:
   config.yaml: |
     metricsServer:
       audit:
-        profile: Request
+        profile: <audit_log_profile> # <1>
+----
+<1> Specify the audit profile for Metrics Server.
+
+. Save the file to apply the changes. The pods affected by the new configuration are automatically redeployed.
+
+. Verify that the audit profile is applied:
++
+[source,terminal]
+----
+$ oc -n openshift-monitoring get deploy metrics-server -o yaml | grep -- '--audit-policy-file=*'
+----
++
+.Example output
+[source,terminal]
+----
+        - --audit-policy-file=/etc/audit/request-profile.yaml
 ----