[dev.icinga.com #1161] store cmd.cgi submissions in log #531
Comments
Updated by mfriedrich on 2011-02-16 07:53:22 +00:00
|
Updated by ricardo on 2011-02-25 12:43:36 +00:00
I don't get this. Any Command you submit via cmd.cgi get's written into log file anyway. Can someone explain the use of this? |
Updated by ricardo on 2011-03-08 10:14:35 +00:00 closing this one? |
Updated by mfriedrich on 2011-03-08 10:17:31 +00:00 no. the idea was to create an optional logfile where the complete cmd.cgi string is stored + the user who was doing that. this should be added als "cgi.log" or similar. |
Updated by ricardo on 2011-03-08 11:35:26 +00:00 ok, this sounds different, because in the patch is the nagios.log mentioned. What is with the "log_external_commands_user" option ??? This option will log the name of the user who submitted the command. and if you wanne know all submitted commands, you can use logfile filter from now on. or we can put this in as debug code. so you have to switch it on if you need it (define #DEBUG). |
Updated by mfriedrich on 2011-03-08 11:40:35 +00:00 the log_external_command_user option only works if you put the commands in a special syntax on the command pipe. the cgis don't support it, and other plugins/addons (like nsca) also don't (a change of the syntax, which breaks compatibility). so this option was always intentionally left disabled, and only given to the users who wanted to use that. mainly it creates more errors than success, so i'd rather kick this feature out of the core again than integrate it somewhere else. furthermore the core shouldn't be bound too much on the cgis and vice versa. the overall idea was to take the patch and wrap that into a specific cgi log, and not icinga.log or similar. basically a feature request a while ago, where people where asking to log the actions their users do (because apache log won't tell exactly). sorry for not making this more clear, but i kept that as a todo for myself on collecting patches and reviewing them afterwards. |
Updated by ricardo on 2011-03-10 21:57:30 +00:00 would like to solve https://dev.icinga.org/issues/610, with this as well. It would be nice if all forced comments get stored in cgi.log as well. |
Updated by ricardo on 2011-03-11 14:20:54 +00:00 A consequence the apache would have write permission to log dir. solution, own log dir for cgi log. Is this what we want? |
Updated by mfriedrich on 2011-03-11 21:40:12 +00:00 opt-in, disabled by default. but when installing the cgis we'll also have an apache user at least for icinga.cmd so this would be a good point to require such things in the future. |
Updated by ricardo on 2011-03-14 13:30:34 +00:00
see commit: dca6ed6 4 new cgi.cfg options (default):
Function "write_to_cgi_log" added. The problem here is:
And as usual, test, test, test |
Updated by mfriedrich on 2011-03-14 20:59:09 +00:00 ad 1. should be resolvable by a try again loop? sth like
normally i'll solve that like that, just imagine a thread waiting for a mutex lock. or a reader polling the socket where no data comes through. ad 2. i would rotate the logs by size like ido2db debugfile. ad 3. sounds good, cmd.cgi is the initial place where this log becomes interesting. please post an RFC of the syntax in cgi.log either on icinga-devel and/or the wiki. |
Updated by mfriedrich on 2011-03-14 21:01:26 +00:00 ad 1. again, only run that try again loop several times after the command being sent. maybe with an #define MAX_ERROR_CNT 10 and
|
Updated by mfriedrich on 2011-04-27 18:06:27 +00:00 any more thoughts on that? |
Updated by ricardo on 2011-04-27 23:10:28 +00:00 will implement the log rotation lock check this week or next wek |
Updated by ricardo on 2011-04-28 22:30:44 +00:00
|
Updated by ricardo on 2011-04-28 22:32:35 +00:00 added remote address to every log entry as well. |
Updated by mfriedrich on 2011-05-02 16:00:41 +00:00
pretty neat, veryfied all fine for icinga 1.4
|
Updated by mfriedrich on 2014-12-08 09:39:55 +00:00
|
This issue has been migrated from Redmine: https://dev.icinga.com/issues/1161
Created by mfriedrich on 2011-01-27 16:14:55 +00:00
Assignee: ricardo
Status: Resolved (closed on 2011-05-02 16:00:41 +00:00)
Target Version: 1.4
Last Update: 2014-12-08 09:39:55 +00:00 (in Redmine)
by opsview
Attachments
Changesets
2011-03-14 16:03:39 +00:00 by ricardo 6de855d
2011-04-28 21:49:14 +00:00 by ricardo 35a5d6a
2011-05-02 12:46:55 +00:00 by mfriedrich 57698ca
2011-05-02 12:51:32 +00:00 by mfriedrich c6e0c11
2011-05-12 16:53:10 +00:00 by ricardo 2460d42
2011-06-04 09:44:43 +00:00 by ricardo 7581398
Relations:
The text was updated successfully, but these errors were encountered: