Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

disabled_transport_categories setting on an audit logging config may be unnecessary after transport client removal #3380

Open
cwperks opened this issue Sep 19, 2023 · 2 comments
Open

disabled_transport_categories setting on an audit logging config may be unnecessary after transport client removal #3380

cwperks opened this issue Sep 19, 2023 · 2 comments
Labels
bug Something isn't working triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable.

Comments

@cwperks
Copy link
Member

cwperks commented Sep 19, 2023

Since OpenSearch 2.0, support for the transport client has been removed. The transport client was removed from the security plugin in this PR: #1701

My understanding of disabled_transport_categories is that it is used to enable an audit logging to log events from originating from the transport client.

Below is an example of a audit logging config of the security plugin's audit.yml file from the demo configuration:

config:
  # enable/disable audit logging
  enabled: true

  audit:
    # Enable/disable REST API auditing
    enable_rest: true

    # Categories to exclude from REST API auditing
    disabled_rest_categories:
      - AUTHENTICATED
      - GRANTED_PRIVILEGES

    # Enable/disable Transport API auditing
    enable_transport: true

    # Categories to exclude from Transport API auditing
    disabled_transport_categories:
      - AUTHENTICATED
      - GRANTED_PRIVILEGES

The disabled_transport_categories setting may not be needed here after the TransportClient's removal.

First: Determine if it is safe to remove values from settings.
Second: If safe to remove, remove. If not, update documentation.
@cwperks cwperks added bug Something isn't working untriaged Require the attention of the repository maintainers and may need to be prioritized labels Sep 19, 2023
@davidlago davidlago removed the untriaged Require the attention of the repository maintainers and may need to be prioritized label Oct 2, 2023
@davidlago
Copy link

[Triaging] Need more clear determination of whether TransportClient related codepaths can be removed, and also clearer exit criteria for the issue.

@stephen-crawford
Copy link
Contributor

[Triage] This looks like the exit criteria and additional info has been added.

@stephen-crawford stephen-crawford added the triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable. label Oct 30, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working triaged Issues labeled as 'Triaged' have been reviewed and are deemed actionable.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@davidlago @cwperks @stephen-crawford