Most of our IPA activity occurs through a local web application. It logs all IPA commands that it issues. This includes creating user, managing groups, etc. I will say that this log has proven really useful. However it doesn’t capture IPA commands issued directly. It would be really great for the IPA server to log commands some format that’s fairly easy to make sense of.
> On Jan 15, 2020, at 2:28 PM, Ryan Slominski via FreeIPA-users > <freeipa-users@lists.fedorahosted.org> wrote: > > Hi FreeIPA dudes, > > What is the status of audit in IPA? Specifically, is there an easy way to > determine what was the group membership of a particular group was at a > particular point in time, say last October? I noticed there is an audit > log file (disabled by default), but that is going to be a not-so-easy way to > try to re-construct group membership at a point in time in the past. I was > hoping to just navigate to a "history" tab on the GUI, but no such luck. Is > this on anyone's todo list? I also noticed a "Centralized Logging" webpage > that suggest setting up an ELK stack, but that doesn't quite provide > snapshots of group membership. > > What about the ability to subscribe to changes (as opposed to poll them)? I > suppose the replication features could be used somehow, but those are also > polling based? Would be nice to configure simple callbacks (perhaps HTTP > post) when things change. I believe this is called a webhook. Any support > for this kind of notification system? > > Thanks, > > Ryan > _______________________________________________ > FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org > To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
