Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Audit security configuration changes #37914

Open
albertzaharovits opened this issue Jan 28, 2019 · 2 comments
Open

Audit security configuration changes #37914

albertzaharovits opened this issue Jan 28, 2019 · 2 comments
Assignees
Labels
>enhancement :Security/Audit X-Pack Audit logging Team:Security Meta label for security team

Comments

@albertzaharovits
Copy link
Contributor

albertzaharovits commented Jan 28, 2019

Add audit event types that describe changes to the security configurations:

  • Adding/Deleting/Changing users/roles/role mappings
  • TLS certs reloaded
  • Realms configuration changes

Related: #29766

@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security

@Jac2NL
Copy link

Jac2NL commented May 12, 2019

It's astonishing that these capabilities are currently missing!

Quoting the Elastic website: "Audit Logging: Have a Record of Who Did What and When. Perhaps the quiet hero of the security world, our audit log features let you easily maintain a complete record of all system and user activity."

What good is an auditing system which does not record the actual object that is changed? We know "Who" and "When" but not "What".

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
>enhancement :Security/Audit X-Pack Audit logging Team:Security Meta label for security team
Projects
None yet
Development

No branches or pull requests

5 participants