Uploaded image for project: 'Documentation'
  1. Documentation
  2. DOCS-14305

Investigate changes in SERVER-24912: Include Client Metadata in audit logs

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed
    • Priority: Major - P3
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: 4.9.0
    • Component/s: manual, Server
    • Labels:
      None
    • Last comment by Customer:
      true
    • Story Points:
      3
    • Sprint:
      ServerDocs2021: Jun29 - Jul6, ServerDocs2021: Jul6 - Jul13, ServerDocs2021: Jul13 - Jul20, ServerDocs2021: Jul20 - Jul27, ServerDocs2021: Jul27 - Aug3

      Description

      Description

      Downstream Change Summary

      This commit introduces a new audit event atype: "clientMetadata". This event is emitted when metadata for a client connection is finalized during the first hello request. This new type of event may have two fields in "param":

      • "localEndpoint" will contain the interface upon which the connection was established. It can be either a port and ip (
        Unknown macro: {ip}

        ) or a file path (

        Unknown macro: {unix}

        ).

      • "clientMetadata" will contain the metadata provided by the client driver (if any) including application name. This currently has a schema like so:
        "clientMetadata" : {
        "application" :
        Unknown macro: { "name" }

        ,
        "driver" :

        Unknown macro: { "name" }

        ,
        "os" :

        Unknown macro: { "type" }

        }

      This commit also introduces a new field "uuid" in every audit entry which can be used to uniquely identify a client connection. This uuid is also logged as part of LOGV2(22943) and LOGV2(22944).

      Lastly, the "local" field in audit entries is to be considered deprecated in favor of the "param.localEndpoint" field in the "clientMetadata" event. We have no plans to remove the "local" field at this time, but we are reserving the right to do so if we need to reduce the size of audit logs in a future stable release.

      Description of Linked Ticket

      Suggest:

      • Whole client metadata document in auth-related audit log entries
      • AppName string in all other audit log entries

      Scope of changes

      Impact to Other Docs

      MVP (Work and Date)

      Resources (Scope or Design Docs, Invision, etc.)

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              jason.price Jason Price
              Reporter:
              backlog-server-pm Backlog - Core Eng Program Management Team
              Participants:
              Last commenter:
              Jason Price Jason Price
              External Reviewer:
              Sara Golemon
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since reply:
                44 weeks, 4 days ago
                Date of 1st Reply: