Chuck Rolke created QPID-4079:
---------------------------------
Summary: C++ Broker needs log messages to track object life cycles
for auditing
Key: QPID-4079
URL: https://issues.apache.org/jira/browse/QPID-4079
Project: Qpid
Issue Type: Improvement
Components: C++ Broker
Affects Versions: 0.16
Reporter: Chuck Rolke
The C++ broker logs are unfriendly and incomplete for customers who are hoping
to audit system usage. Missing are log artifacts to expose which user created,
used, or destroyed which resource.
The proposed improvement adds INFO level log statements for the creation,
destruction, and major state changes to connection, session, and subscription
objects, and to exchange, queue, and binding objects.
>From this set of log messages a user could determine what user from what
>client system address created a connection, what sessions were created on that
>connection, and what subscriptions were created on those sessions. Similarly
>the exchange-binding-queue objects would have enough in their log messages to
>correlate the interactions between them.
The log message for the destruction of an object would contain a record of all
the management statistics kept for that object. Then, working through the log
records a customer could attribute broker usage back to specific users.
This class of log message has been requested by customers using Security
Information and Event Management (SIEM) systems to scrape information from
broker event logs.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
