Move audit logs to a dedicated logs directory (#116562)
Co-authored-by: Aleh Zasypkin <aleh.zasypkin@gmail.com>
2 people authored and kibanamachine committed Nov 10, 2021
1 parent ab1471d commit eda348d
Showing 9 changed files with 45 additions and 13 deletions.
2 changes: 1 addition & 1 deletion docs/settings/security-settings.asciidoc
@@ -332,7 +332,7 @@ For more details and a reference of audit events, refer to <<xpack-security-audi
xpack.security.audit.enabled: true
xpack.security.audit.appender: <1>
type: rolling-file
fileName: ./data/audit.log
fileName: ./logs/audit.log
policy:
type: time-interval
interval: 24h <2>
Empty file added logs/.empty
Empty file.
28 changes: 21 additions & 7 deletions packages/kbn-utils/src/path/index.test.ts
@@ -7,21 +7,35 @@
*/

import { accessSync, constants } from 'fs';
import { getConfigPath, getDataPath, getConfigDirectory } from './';
import { createAbsolutePathSerializer } from '@kbn/dev-utils';
import { getConfigPath, getDataPath, getLogsPath, getConfigDirectory } from './';

expect.addSnapshotSerializer(createAbsolutePathSerializer());

describe('Default path finder', () => {
it('should find a kibana.yml', () => {
const configPath = getConfigPath();
expect(() => accessSync(configPath, constants.R_OK)).not.toThrow();
it('should expose a path to the config directory', () => {
expect(getConfigDirectory()).toMatchInlineSnapshot('<absolute path>/config');
});

it('should find a data directory', () => {
const dataPath = getDataPath();
expect(() => accessSync(dataPath, constants.R_OK)).not.toThrow();
it('should expose a path to the kibana.yml', () => {
expect(getConfigPath()).toMatchInlineSnapshot('<absolute path>/config/kibana.yml');
});

it('should expose a path to the data directory', () => {
expect(getDataPath()).toMatchInlineSnapshot('<absolute path>/data');
});

it('should expose a path to the logs directory', () => {
expect(getLogsPath()).toMatchInlineSnapshot('<absolute path>/logs');
});

it('should find a config directory', () => {
const configDirectory = getConfigDirectory();
expect(() => accessSync(configDirectory, constants.R_OK)).not.toThrow();
});

it('should find a kibana.yml', () => {
const configPath = getConfigPath();
expect(() => accessSync(configPath, constants.R_OK)).not.toThrow();
});
});
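Review bot: The `should expose a path to the logs directory` case pins only the repo-root candidate (`<absolute path>/logs`), so the `/var/log/kibana` fallback in `LOGS_PATHS` and the result when neither directory is accessible are never exercised. The default audit log location now depends on this lookup, so I would add a case that makes the access check fail for the first candidate and asserts that `getLogsPath()` returns `/var/log/kibana`. The old/new side of the neighbouring cases cannot be recovered from this rendering, so this applies only to the `getLogsPath` case.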
8 changes: 8 additions & 0 deletions packages/kbn-utils/src/path/index.ts
@@ -27,6 +27,8 @@ const CONFIG_DIRECTORIES = [

const DATA_PATHS = [join(REPO_ROOT, 'data'), '/var/lib/kibana'].filter(isString);

const LOGS_PATHS = [join(REPO_ROOT, 'logs'), '/var/log/kibana'].filter(isString);

function findFile(paths: string[]) {
const availablePath = paths.find((configPath) => {
try {
@@ -57,6 +59,12 @@ export const getConfigDirectory = () => findFile(CONFIG_DIRECTORIES);
*/
export const getDataPath = () => findFile(DATA_PATHS);

/**
* Get the directory containing logs
* @internal
*/
export const getLogsPath = () => findFile(LOGS_PATHS);

export type PathConfigType = TypeOf<typeof config.schema>;

export const config = {
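Review bot: `getLogsPath` resolves a directory that will be written to, yet it goes through `findFile`, the same helper used for the config and data paths; the body of `findFile` is cut off in this view, so whether it probes for write access cannot be confirmed here. If the probe is read-only, a directory that exists but is not writable by the Kibana process would be selected, and the default audit appender would fail only at its first write. I would expand the docstring to state the contract, e.g. `Get the first accessible directory from LOGS_PATHS (repo-root logs, then /var/log/kibana); callers must confirm it is writable before relying on it.`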
1 change: 1 addition & 0 deletions src/dev/build/tasks/clean_tasks.ts
@@ -196,6 +196,7 @@ export const CleanEmptyFolders: Task = {
await deleteEmptyFolders(log, build.resolvePath('.'), [
build.resolvePath('plugins'),
build.resolvePath('data'),
build.resolvePath('logs'),
]);
},
};
6 changes: 5 additions & 1 deletion src/dev/build/tasks/create_empty_dirs_and_files_task.ts
@@ -12,6 +12,10 @@ export const CreateEmptyDirsAndFiles: Task = {
description: 'Creating some empty directories and files to prevent file-permission issues',

async run(config, log, build) {
await Promise.all([mkdirp(build.resolvePath('plugins')), mkdirp(build.resolvePath('data'))]);
await Promise.all([
mkdirp(build.resolvePath('plugins')),
mkdirp(build.resolvePath('data')),
mkdirp(build.resolvePath('logs')),
]);
},
};
5 changes: 5 additions & 0 deletions src/dev/build/tasks/os_packages/run_fpm.ts
@@ -113,6 +113,8 @@ export async function runFpm(
'--exclude',
`usr/share/kibana/data`,
'--exclude',
`usr/share/kibana/logs`,
'--exclude',
'run/kibana/.gitempty',

// flags specific to the package we are building, supplied by tasks below
@@ -129,6 +131,9 @@ export async function runFpm(
// copy the data directory at /var/lib/kibana
`${resolveWithTrailingSlash(fromBuild('data'))}=/var/lib/kibana/`,

// copy the logs directory at /var/log/kibana
`${resolveWithTrailingSlash(fromBuild('logs'))}=/var/log/kibana/`,

// copy package configurations
`${resolveWithTrailingSlash(__dirname, 'service_templates/systemd/')}=/`,

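Review bot: The new mapping of `fromBuild('logs')` to `/var/log/kibana/` ships the directory that now holds `audit.log` by default, but nothing visible in these hunks sets its owner or mode. Audit events record who did what, so the installed directory should end up owned by the Kibana service account and not be world-readable. If the package's install scripts (not shown here) already do this, a comment beside the mapping would make the dependency explicit, e.g. `// audit.log defaults to this directory; post-install must leave it owned by the kibana user and not world-readable`. `runFpm` starts and ends outside the hunks.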
4 changes: 2 additions & 2 deletions x-pack/plugins/security/server/config.test.ts
@@ -11,7 +11,7 @@ jest.mock('crypto', () => ({
}));

jest.mock('@kbn/utils', () => ({
getDataPath: () => '/mock/kibana/data/path',
getLogsPath: () => '/mock/kibana/logs/path',
}));

import { loggingSystemMock } from 'src/core/server/mocks';
@@ -1720,7 +1720,7 @@ describe('createConfig()', () => {
).audit.appender
).toMatchInlineSnapshot(`
Object {
"fileName": "/mock/kibana/data/path/audit.log",
"fileName": "/mock/kibana/logs/path/audit.log",
"layout": Object {
"type": "json",
},
4 changes: 2 additions & 2 deletions x-pack/plugins/security/server/config.ts
@@ -12,7 +12,7 @@ import path from 'path';
import type { Type, TypeOf } from '@kbn/config-schema';
import { schema } from '@kbn/config-schema';
import { i18n } from '@kbn/i18n';
import { getDataPath } from '@kbn/utils';
import { getLogsPath } from '@kbn/utils';
import type { AppenderConfigType, Logger } from 'src/core/server';

import { config as coreConfig } from '../../../../src/core/server';
@@ -378,7 +378,7 @@ export function createConfig(
config.audit.appender ??
({
type: 'rolling-file',
fileName: path.join(getDataPath(), 'audit.log'),
fileName: path.join(getLogsPath(), 'audit.log'),
layout: {
type: 'json',
},
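Review bot: The default appender in `createConfig` now writes to `path.join(getLogsPath(), 'audit.log')`, so a deployment that relies on the default starts a fresh audit file in a different directory after upgrade. Log shippers, retention jobs and file-integrity monitoring that still watch the old `audit.log` under the data directory would stop seeing events without any error. I would add a comment above the default, e.g. `// Default moved from the data directory to the logs directory; anything tailing the old path must be repointed`. If a logger is in scope at this point, an info line with the resolved `fileName` at startup would also help; the body of `createConfig` lies outside the hunk, so that could not be checked.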
