Cloud Service Management outputs audit logs of all operations performed on resources, excluding reference operations.
Audit logs are output for operations performed from the Cloud Management Portal and using commands. Addition, modification, and deletion operations for which requests are submitted are logged to the audit log using the requester ID after all approval processes are complete and the corresponding resource operations have taken place.
The resource operations that are logged are as follows:
Registration, modification, and deletion
Contracts
Menus
Platforms
Services
Organizations
Users
Projects
Accounting Code
Addition and deletion
Key Pairs
Deletion
Requests
Starting, stopping, and snapshots
Services
This section explains how to configure the audit log and the information that is output.
csm_auditlog.xml
%FSCSM_HOME%\conf
Setting Items | Value | Default Value | Description |
|---|---|---|---|
File | <Output_file_name> | ${com.fujitsu.csb.home}/log/fscsm_audit.log | The output destination of the audit log. ${com.fujitsu.csb.home} indicates the installation folder. |
MaxFileSize | <The maximum size of the log file> | 10 MB | Specifies the maximum file size for the audit log file. The file size can be specified using the combination of an integer greater than 0 and a unit (KB, MB, or GB). |
MaxBackupIndex | <Number of generations of log files> | 9 | Specifies the number of generations of log files that can be saved. Specify an integer between 1 and 100. |
Depending on the user ID or resource ID, approximately 70 bytes are used for the logging of each operation. Estimate the total number of resource operations performed per day and then set the MaxFileSize and MaxBackupIndex so that the log file has enough space to record the expected number of operation events.
Each entry is output in the following format:
"Time Operator/Requester Operation Success/Failure"
For command operations:
"Time Command name Operation Success/Failure"
Item | Content |
|---|---|
Time | Outputs the date and time when the operation was performed in the format "yyyy/MM/dd HH:mm:ss.SSS". |
Operator/Requester | Outputs the ID of the user who performed the operation or the user who requested the operation. |
Operation | Outputs the operation and the target resource names. |
Success/Failure | When a resource operation was successful, "SUCCESS" is output. When a resource operation failed, "FAILED" is output. |
Operation | Content |
|---|---|
A contract was created | create contract:[Contract ID] |
A contract was modified | modify contract:[Contract ID] |
A contract was deleted | delete contract:[Contract ID] |
A menu was created | create menu:[Menu ID] |
A menu was modified | modify menu:[Menu ID] |
A menu was deleted | delete menu:[Menu ID] |
A platform was created | create bizsystem:[Platform ID] |
A platform was modified | modify bizsystem:[Platform ID] |
A platform was deleted | delete bizsystem:[Platform ID] |
A service was created | create service:[Service ID] |
A service was modified | modify service:[Service ID] |
A service was deleted | delete service:[Service ID] |
An organization was created | create org:[Organization ID] |
An organization was modified | modify org:[Organization ID] |
An organization was deleted | delete org:[Organization ID] |
A user was created | create user:[User ID] |
A user was modified | modify user:[User ID] |
A user was deleted | delete user:[User ID] |
A service was started | start service:[Service ID] |
A service was stopped | stop service:[Service ID] |
A snapshot was created | create snapshot:[Snapshot ID] |
A snapshot was restored | restore snapshot:[Snapshot ID] |
A snapshot was deleted | delete snapshot:[Snapshot ID] |
A project was created | create project:[Project ID] |
A project was modified | modify project:[Project ID] |
A project was deleted | delete project:[Project ID] |
An accounting code was created | create accountingcode:[accounting code] |
An accounting code was modified | modify accountingcode:[accounting code] |
An accounting code was deleted | delete accountingcode:[accounting code] |
A request was deleted | delete: [Request ID] |
A key pair was created | create keypair:[Platform ID]_[Key Pair Name] |
A key pair was deleted | delete keypair:[Platform ID]_[Key Pair Name] |
2015/06/29 14:35:30.902 fscsm_user create user:op_user SUCCESS 2015/06/29 14:38:18.230 fscsm_user create user:op_manager FAILED 2015/06/29 15:29:43.361 op_manager create org: org_01 SUCCESS 2015/06/29 15:33:51.690 pl_manager create menu: menu_01 SUCCESS 2015/06/29 15:47:30.988 op_manager delete user: sv_manager SUCCESS 2015/06/29 15:49:49.692 op_manager modify user:biz_manager SUCCESS 2015/06/29 16:07:07.381 biz_manager_002 create bizsystem:1 SUCCESS 2015/06/29 16:11:26.194 biz_manager01 create bizsystem:2 SUCCESS 2015/06/29 16:16:19.288 biz_manager_002 modify user:biz_manager SUCCESS 2015/06/29 16:18:49.851 pl_manager modify menu: menu_01 SUCCESS 2015/06/29 4:19:18 PM.382 biz_manager_002 create bizsystem:3 SUCCESS 2015/06/29 16:21:49.945 pl_user modify menu: menu_01 SUCCESS 2015/06/29 16:25:22.274 biz_manager create service:vm-1-biz01 FAILED 2015/06/29 18:07:40.583 biz_manager create service:vm-1-gyoumu100 SUCCESS 2015/06/29 18:07:45.654 biz_manager start service: vm-1-gyoumu100 SUCCESS 2015/06/29 18:09:10.942 biz_manager create snapshot:vm-1-gyoumu100 SUCCESS 2016/02/05 09:11:21.617 fscsm_request delete request:56,57,58 SUCCESS 2016/02/05 10:00:00.000 user001 create bizsystem:platformA SUCCESS 2016/02/05 10:10:00.000 user002 create keypair:platformA_keypairA SUCCESS 2016/02/05 11:00:00.000 user002 create keypair:platformA_keypairB SUCCESS 2016/02/05 11:00:01.000 user002 delete keypair:platformA_keypairA SUCCESS |
