Post by scoombs on Nov 21, 2024 6:37:04 GMT
What support if any does DMTF Redfish currently provide, in terms of specifying what must be included, for audit logs? Searching, I found an old document, DSP0266 dated 2015-09-17, which includes a section on audit logs, reproduced below. Searching a current version of DSP0266, there doesn't appear to be any mention of audit logs; is it perhaps addressed in another document, currently?
Below is the section on audit logs, from DSP0266, dated 2015-09-17, for reference:
9.5.3 Content of Audit Logs
Details : Need to generate events for the following
1. logon, log-off, modification of user accounts
2. successful and rejected login attempts,
3. successful and rejected connections to nodes and other resource access attempts
4. details about the modification of user accounts
5. all changes to the system configuration,
6. information about the use of built-in utilities running in Redfish compliant-devices(e.g. low-level diagnostic tools),
7. information about accessing the system interfaces of the Redfish compliant-devices
8. network addresses and protocols (e.g. workstation IP address and protocol used for access)
Redfish Scalable Platforms Management API Specification
Version 1.0.1 70
DSP0266
Published
Version Date Description
1.0.0 2015-8-4 Initial release
1.0.1 2015-9-17
Errata release. Clarified normative use of LongDescription in schema files. Clarified usage of the
'rel-describedby' link header. Corrected text in example of 'Select List' in OData Context property. Clarified
Accept-Encoding Request header handling. Deleted duplicative and conflicting statement on returning
extended error resources. Clarified relative URI resolution rules. Various grammatical corrections. Clarified
USN format.
9. activation and de-activation of protection measures
The file where the events are written, one or more messages per event should at least have the following information :
User ID
Date, time
Event type
Event description
Thank you,
Susan Coombs (Verizon)
Below is the section on audit logs, from DSP0266, dated 2015-09-17, for reference:
9.5.3 Content of Audit Logs
Details : Need to generate events for the following
1. logon, log-off, modification of user accounts
2. successful and rejected login attempts,
3. successful and rejected connections to nodes and other resource access attempts
4. details about the modification of user accounts
5. all changes to the system configuration,
6. information about the use of built-in utilities running in Redfish compliant-devices(e.g. low-level diagnostic tools),
7. information about accessing the system interfaces of the Redfish compliant-devices
8. network addresses and protocols (e.g. workstation IP address and protocol used for access)
Redfish Scalable Platforms Management API Specification
Version 1.0.1 70
DSP0266
Published
Version Date Description
1.0.0 2015-8-4 Initial release
1.0.1 2015-9-17
Errata release. Clarified normative use of LongDescription in schema files. Clarified usage of the
'rel-describedby' link header. Corrected text in example of 'Select List' in OData Context property. Clarified
Accept-Encoding Request header handling. Deleted duplicative and conflicting statement on returning
extended error resources. Clarified relative URI resolution rules. Various grammatical corrections. Clarified
USN format.
9. activation and de-activation of protection measures
The file where the events are written, one or more messages per event should at least have the following information :
User ID
Date, time
Event type
Event description
Thank you,
Susan Coombs (Verizon)
