[trafficcontrol] branch 4.1.x updated: Remove audit logging from POST /serverchecks endpoint (#4683) (#4726)

[rawlin]

This is an automated email from the ASF dual-hosted git repository.

rawlin pushed a commit to branch 4.1.x
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git


The following commit(s) were added to refs/heads/4.1.x by this push:
     new 897894c  Remove audit logging from POST /serverchecks endpoint (#4683) 
(#4726)
897894c is described below

commit 897894ce37c30fc6a3e2ea8aff8a2a2840bdf659
Author: Rawlin Peters <raw...@apache.org>
AuthorDate: Thu May 28 10:08:43 2020 -0600

    Remove audit logging from POST /serverchecks endpoint (#4683) (#4726)
    
    Since this endpoint gets called once a minute per server, this can
    seriously spam the audit log.
    
    (cherry picked from commit 1d9934f6686ee399a56b459087621c5808e1565f)
---
 CHANGELOG.md                                              | 1 +
 traffic_ops/traffic_ops_golang/servercheck/servercheck.go | 6 +++---
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 745df50..5f8972a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -59,6 +59,7 @@ The format is based on [Keep a 
Changelog](http://keepachangelog.com/en/1.0.0/).
 - Fix to traffic_ops_ort to generate logging.yaml files correctly.
 - Fixed issue #4650: add the "Vary: Accept-Encoding" header to all responses 
from Traffic Ops
 - Fixed ORT config generation not using the coalesce_number_v6 Parameter.
+- Removed audit logging from the `POST /api/x/serverchecks` Traffic Ops API 
endpoint in order to reduce audit log spam
 
 ### Deprecated/Removed
 - The Traffic Ops `db/admin.pl` script has now been removed. Please use the 
`db/admin` binary instead.
diff --git a/traffic_ops/traffic_ops_golang/servercheck/servercheck.go 
b/traffic_ops/traffic_ops_golang/servercheck/servercheck.go
index 4934dd4..84449b9 100644
--- a/traffic_ops/traffic_ops_golang/servercheck/servercheck.go
+++ b/traffic_ops/traffic_ops_golang/servercheck/servercheck.go
@@ -149,9 +149,9 @@ func CreateUpdateServercheck(w http.ResponseWriter, r 
*http.Request) {
                return
        }
 
-       successMsg := "Server Check was successfully updated"
-       api.CreateChangeLogRawTx(api.ApiChange, successMsg, inf.User, inf.Tx.Tx)
-       api.WriteRespAlert(w, r, tc.SuccessLevel, successMsg)
+       // NOTE: this endpoint does not create an audit log entry in order to 
prevent
+       //       spamming the audit log with thousands of entries every minute
+       api.WriteRespAlert(w, r, tc.SuccessLevel, "Server Check was 
successfully updated")
 }
 
 func getServerID(id *int, hostname *string, tx *sql.Tx) (int, bool, error) {