Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VAULT-23122: Audit fix for 'log_raw' issue #24968

Merged
merged 8 commits into from
Jan 22, 2024
Merged

VAULT-23122: Audit fix for 'log_raw' issue #24968

merged 8 commits into from
Jan 22, 2024

Conversation

peteski22
Copy link

@peteski22 peteski22 commented Jan 19, 2024
edited
Loading

This PR fixes a bug where the use of log_raw on any audit devices may have caused other devices (not configured with log_raw) to log raw audit data.

Please see: https://developer.hashicorp.com/vault/docs/upgrading/upgrade-to-1.15.x#audit-devices-could-log-raw-data-despite-configuration

Related PRs which also partially improve/fix this issue:

@peteski22 peteski22 added core Issues and Pull-Requests specific to Vault Core core/audit hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed labels Jan 19, 2024
@peteski22 peteski22 added this to the 1.15.5 milestone Jan 19, 2024
ncabatoff
ncabatoff reviewed Jan 19, 2024
View reviewed changes
audit/entry_formatter.go Outdated Show resolved Hide resolved
@github-actions GitHub Actions
Copy link

github-actions bot commented Jan 19, 2024
edited
Loading

CI Results:
All Go tests succeeded! ✅

@peteski22 peteski22 marked this pull request as ready for review January 19, 2024 20:51
@github-actions GitHub Actions
Copy link

Build Results:
All builds succeeded! ✅

@marcboudreau
Copy link
Contributor

I will take some time over the weekend to better understand this issue to make sure that we are fixing it completely.

Merge branch 'peteski22/VAULT-23122/audit-log-raw-fix' of github.com:…
6b03b1a 
…hashicorp/vault into peteski22/VAULT-23122/audit-log-raw-fix
kubawi
kubawi approved these changes Jan 22, 2024
View reviewed changes
Copy link
Contributor

@kubawi kubawi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@peteski22 peteski22 merged commit cfa3713 into main Jan 22, 2024
109 of 110 checks passed
@peteski22 peteski22 deleted the peteski22/VAULT-23122/audit-log-raw-fix branch January 22, 2024 12:03
Merged
@peteski22 peteski22 added the bug Used to indicate a potential bug label Jan 22, 2024
peteski22 pushed a commit that referenced this pull request Jan 22, 2024
VAULT-23122: Audit fix for 'log_raw' issue (#24968)
477c15f 
* Fix for log_raw issue on audit

* Updates and test change

* changelog

* Update test now that the original event won't have the formatted data
peteski22 pushed a commit that referenced this pull request Jan 22, 2024
@hc-github-team-secure-vault-core
VAULT-23122: Audit fix for 'log_raw' issue (#24968) (#24974)
2a72f2a 
* Fix for log_raw issue on audit

* Updates and test change

* changelog

* Update test now that the original event won't have the formatted data

Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kubawi kubawi kubawi approved these changes

@ncabatoff ncabatoff Awaiting requested review from ncabatoff

@marcboudreau marcboudreau Awaiting requested review from marcboudreau

Assignees
No one assigned
Labels
bug Used to indicate a potential bug core/audit core Issues and Pull-Requests specific to Vault Core hashicorp-contributed-pr If the PR is HashiCorp (i.e. not-community) contributed
Projects
None yet
Milestone
1.15.5
Development

Successfully merging this pull request may close these issues.
4 participants
@peteski22 @marcboudreau @ncabatoff @kubawi