From b6b3fe9e72c2712bfd5e1aedba0dcd2b451e6baf Mon Sep 17 00:00:00 2001 From: ddeyo Date: Tue, 11 Sep 2018 14:20:43 -0700 Subject: [PATCH 1/3] build issues fixed --- ee/ucp/admin/configure/create-audit-logs.md | 31 ++++++++++++--------- 1 file changed, 18 insertions(+), 13 deletions(-) diff --git a/ee/ucp/admin/configure/create-audit-logs.md b/ee/ucp/admin/configure/create-audit-logs.md index f3cf53cda9..f67351bd9a 100644 --- a/ee/ucp/admin/configure/create-audit-logs.md +++ b/ee/ucp/admin/configure/create-audit-logs.md @@ -38,23 +38,28 @@ You can use audit logs to help with the following use cases: ## Procedure -1. Download the UCP Client bundle [Download client bundle from the command line] (https://success.docker.com/article/download-client-bundle-from-the-cli). +1. Download the UCP Client bundle [Download client bundle from the command line](https://success.docker.com/article/download-client-bundle-from-the-cli). 2. Retrieve JSON for current audit log configuration. -``` -export DOCKER_CERT_PATH=~/ucp-bundle-dir/ -curl --cert ${DOCKER_CERT_PATH}/cert.pem --key ${DOCKER_CERT_PATH}/key.pem --cacert ${DOCKER_CERT_PATH}/ca.pem -k -X GET https://ucp-domain/api/ucp/config/logging > auditlog.json -``` -3. Modify the auditLevel field to metadata or request. -``` -vi auditlog.json -{"logLevel":"INFO","auditLevel":"metadata","supportDumpIncludeAuditLogs":false} -``` + ``` + export DOCKER_CERT_PATH=~/ucp-bundle-dir/ + curl --cert ${DOCKER_CERT_PATH}/cert.pem --key ${DOCKER_CERT_PATH}/key.pem --cacert ${DOCKER_CERT_PATH}/ca.pem -k -X GET https://ucp-domain/api/ucp/config/logging > auditlog.json + ``` + +3. Modify the auditLevel field to metadata or request. + + ``` + vi auditlog.json + + {"logLevel":"INFO","auditLevel":"metadata","supportDumpIncludeAuditLogs":false} + ``` + 4. Send the JSON request for the auditlog config with the same API path but with the `PUT` method. -``` -curl --cert ${DOCKER_CERT_PATH}/cert.pem --key ${DOCKER_CERT_PATH}/key.pem --cacert ${DOCKER_CERT_PATH}/ca.pem -k -H "Content-Type: application/json" -X PUT --data $(cat auditlog.json) https://ucp-domain/api/ucp/config/logging -``` + + ``` + curl --cert ${DOCKER_CERT_PATH}/cert.pem --key ${DOCKER_CERT_PATH}/key.pem --cacert ${DOCKER_CERT_PATH}/ca.pem -k -H "Content-Type: application/json" -X PUT --data $(cat auditlog.json) https://ucp-domain/api/ucp/config/logging + ``` 5. Create any workload or RBAC grants in Kubernetes and generate a support dump to check the contents of ucp-controller.log file for audit log entries. From ba06a8cee2e96c85c8bcda4c18d3fb1501ee7fd8 Mon Sep 17 00:00:00 2001 From: ddeyo Date: Wed, 12 Sep 2018 14:41:49 -0700 Subject: [PATCH 2/3] maria's feedback incorporated --- ee/ucp/admin/configure/create-audit-logs.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/ee/ucp/admin/configure/create-audit-logs.md b/ee/ucp/admin/configure/create-audit-logs.md index f67351bd9a..e19b19d6a3 100644 --- a/ee/ucp/admin/configure/create-audit-logs.md +++ b/ee/ucp/admin/configure/create-audit-logs.md @@ -47,12 +47,14 @@ You can use audit logs to help with the following use cases: curl --cert ${DOCKER_CERT_PATH}/cert.pem --key ${DOCKER_CERT_PATH}/key.pem --cacert ${DOCKER_CERT_PATH}/ca.pem -k -X GET https://ucp-domain/api/ucp/config/logging > auditlog.json ``` -3. Modify the auditLevel field to metadata or request. +3. Open auditlog.json to modify the 'auditlevel' field to `metadata` or `request`. ``` - vi auditlog.json - - {"logLevel":"INFO","auditLevel":"metadata","supportDumpIncludeAuditLogs":false} + { + "logLevel": "INFO", + "auditLevel": "metadata", + "supportDumpIncludeAuditLogs": false + } ``` 4. Send the JSON request for the auditlog config with the same API path but with the `PUT` method. From 4f1c25402701e8280e2df84bb51f5b5f31a31709 Mon Sep 17 00:00:00 2001 From: ddeyo Date: Wed, 12 Sep 2018 14:44:57 -0700 Subject: [PATCH 3/3] link fixed --- ee/ucp/admin/configure/create-audit-logs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/ucp/admin/configure/create-audit-logs.md b/ee/ucp/admin/configure/create-audit-logs.md index e19b19d6a3..ffe4fd7526 100644 --- a/ee/ucp/admin/configure/create-audit-logs.md +++ b/ee/ucp/admin/configure/create-audit-logs.md @@ -65,7 +65,7 @@ You can use audit logs to help with the following use cases: 5. Create any workload or RBAC grants in Kubernetes and generate a support dump to check the contents of ucp-controller.log file for audit log entries. -6. Optionally, configure the Docker Engine driver to logstash and collect and query audit logs within ELK stack after deploying ELK. https://success.docker.com/article/elasticsearch-logstash-kibana-logging +6. Optionally, configure the Docker Engine driver to logstash and collect and query audit logs within ELK stack after deploying ELK. (https://success.docker.com/article/elasticsearch-logstash-kibana-logging) ## API endpoints ignored