Skip to content

Fix deprecation of audit log settings#36175

Merged
albertzaharovits merged 3 commits intoelastic:6.xfrom
albertzaharovits:fix_deprecation_audit_log
Dec 3, 2018
Merged

Fix deprecation of audit log settings#36175
albertzaharovits merged 3 commits intoelastic:6.xfrom
albertzaharovits:fix_deprecation_audit_log

Conversation

@albertzaharovits
Copy link
Copy Markdown
Contributor

@albertzaharovits albertzaharovits commented Dec 3, 2018
edited
Loading

I have botched deprecating the "prefix" logfile audit settings in #34475 , by not registering them.

This commit fixes this, and adds a test that these deprecated settings still work and are dynamic.

Closes #36162

@albertzaharovits albertzaharovits self-assigned this Dec 3, 2018
@elasticmachine
Copy link
Copy Markdown
Collaborator

elasticmachine commented Dec 3, 2018

Pinging @elastic/es-security

jaymode
jaymode approved these changes Dec 3, 2018
View reviewed changes
Copy link
Copy Markdown
Member

@jaymode jaymode left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left a couple of small comments. Otherwise LGTM

.../test/java/org/elasticsearch/xpack/security/audit/logfile/AuditTrailSettingsUpdateTests.java Outdated
settingsBuilder.put("xpack.security.audit.outputs", "logfile");
// add only startup filter policies
settingsBuilder.put(startupFilterSettings);
// we cannot test deprecated variants of these settings because they are overriden
Copy link
Copy Markdown
Member

@jaymode jaymode Dec 3, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this comment is confusing. Maybe say "Remove non-deprecated version of prefix settings so that we can test the deprecated variant" ?

.../test/java/org/elasticsearch/xpack/security/audit/logfile/AuditTrailSettingsUpdateTests.java
updateSettings(settingsBuilder.build(), persistent);
assertThat(loggingAuditTrail.entryCommonFields.commonFields.containsKey(LoggingAuditTrail.NODE_NAME_FIELD_NAME), is(false));
assertThat(loggingAuditTrail.entryCommonFields.commonFields.containsKey(LoggingAuditTrail.HOST_ADDRESS_FIELD_NAME), is(false));
assertThat(loggingAuditTrail.entryCommonFields.commonFields.containsKey(LoggingAuditTrail.HOST_NAME_FIELD_NAME), is(false));
Copy link
Copy Markdown
Member

@jaymode jaymode Dec 3, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just to be a bit paranoid, can you set them back to true and verify?

@albertzaharovits albertzaharovits merged commit 4e0a403 into elastic:6.x Dec 3, 2018
albertzaharovits added a commit that referenced this pull request Dec 4, 2018
@albertzaharovits
Fix deprecation of audit log settings (#36175)
78389f0 
I have botched deprecating the "prefix" logfile audit settings
in #34475 , by not registering them.
This commit fixes it and also adds a test that these deprecated
settings are indeed still working and are dynamic.

Closes #36162
@albertzaharovits albertzaharovits deleted the fix_deprecation_audit_log branch December 4, 2018 00:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jaymode jaymode jaymode approved these changes

Assignees

@albertzaharovits albertzaharovits

Labels

>bug :Security/Audit X-Pack Audit logging v6.5.3 v6.6.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@albertzaharovits @elasticmachine @jaymode