openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

OSDOCS-11769: adds clarity for audit logs MicroShift

Browse Source
This commit is contained in:
“Shauna Diaz”
2024-08-28 07:35:46 -04:00
committed by openshift-cherrypick-robot
parent 1168da69c2
commit e55f5cc0a3
2 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
microshift_configuring/microshift-audit-logs-config.adoc
View File

@@ -6,10 +6,19 @@ include::_attributes/attributes-microshift.adoc[]
toc::[]
You can control audit log file rotation and retention by using configuration values.
You can control {microshift-short} audit log file rotation and retention by using configuration values.
include::modules/microshift-audit-logs-config-intro.adoc[leveloffset=+1]
[id="Additional-resources_audit-log-intro"]
.Additional resources
* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/security_hardening/auditing-the-system_security-hardening#configuring-auditd-for-a-secure-environment_auditing-the-system[Configuring auditd for a secure environment]
* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/security_hardening/auditing-the-system_security-hardening#understanding-audit-log-files_auditing-the-system[Understanding Audit log files]
* link:https://access.redhat.com/solutions/1294[How to use logrotate utility to rotate log files] (Solutions, dated 7 August 2024)
// About audit log profiles; OCP module, edit with conditionals and care
include::modules/nodes-nodes-audit-config-about.adoc[leveloffset=+1]

9
modules/microshift-audit-logs-config-intro.adoc
View File

@@ -6,9 +6,9 @@
[id="microshift-audit-logs-config-intro_{context}"]
= About setting limits on audit log files
Controlling the rotation and retention of the audit log file by using configuration values helps keep the limited storage capacities of far-edge devices from being exceeded. On such devices, logging data accumulation can limit host system or cluster workloads, potentially causing the device stop working. Setting audit log policies can help ensure that critical processing space is continually available.
Controlling the rotation and retention of the {microshift-short} audit log file by using configuration values helps keep the limited storage capacities of far-edge devices from being exceeded. On such devices, logging data accumulation can limit host system or cluster workloads, potentially causing the device stop working. Setting audit log policies can help ensure that critical processing space is continually available.
The values you set to limit audit logs enable you to enforce the size, number, and age limits of audit log backups. Field values are processed independently of one another and without prioritization.
The values you set to limit {microshift-short} audit logs enable you to enforce the size, number, and age limits of audit log backups. Field values are processed independently of one another and without prioritization.
You can set fields in combination to define a maximum storage limit for retained logs. For example:
@@ -35,3 +35,8 @@ You can set fields in combination to define a maximum storage limit for retained
The maximum default storage usage for audit log retention is 2000Mb if there are 10 or fewer files.
If you do not specify a value for a field, the default value is used. If you remove a previously set field value, the default value is restored after the next {microshift-short} service restart.
[IMPORTANT]
====
You must configure audit log retention and rotation in {op-system-base-full} for logs that are generated by application pods. These logs print to the console and are saved. Ensure that your log preferences are configured for the {op-system} `/var/log/audit/audit.log` file to maintain {microshift-short} cluster health.
====