-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
S3 API Audit log
Konstantin Lebedev edited this page Jan 18, 2022
·
7 revisions
weed s3 -auditLogConfig=/etc/seaweedfs/auditLogConfig.json
{
"fluent_port": 24224,
"fluent_host": "127.0.0.1",
"fluent_network": "tcp",
"timeout": 3000,
"write_timeout": 0,
"buffer_limit": 8192,
"retry_wait": 500,
"max_retry": 13,
"max_retry_wait": 60000,
"tag_prefix": ""
}
{"requester":"bennu","host_id":"api-698ccd9645-sccv6","status":200,"time":1639395995,"operation":"REST.PUT.OBJECT","remote_ip":"10.106.70.45","signature_version":"SigV4","bucket":"bennu-files","user_agent":"Python/3.8 aiohttp/3.6.2","key":"/2021/12/13/a029a35d-b73c-42f1-9540-7f0370a17f7c","request_id":"c89f2a45eebc63f2b01aca823a1f6cba","host_header":"bennu-files.s3-proxy.svc","error_code":""}
{"requester":"bennu","host_id":"api-698ccd9645-g8fht","status":200,"time":1639395992,"operation":"REST.GET.OBJECT","remote_ip":"10.106.70.45","signature_version":"SigV4","bucket":"bennu-files","user_agent":"Python/3.8 aiohttp/3.6.2","key":"/2021/12/13/69f82cd8-ff31-476d-aa53-5e1e2109b84c","request_id":"570ceb8d3b8c31d51070910a78b26045","host_header":"bennu-files.s3-proxy.svc","error_code":""}
logstash.conf:
filter {
if [tags][0] and [tags][0] =~ /s3.access/ {
ruby {
code => 'event.set("environment", ((event.get("tags").first).split(".")).first)'
add_field => { "[@metadata][input_type]" => "s3.access" }
remove_field => [ host, "@timestamp", "@version", port, tags ]
}
}
if ![environment] or [environment] == "" {
mutate {
replace => { "environment" => "unknown" }
}
}
}
input {
tcp {
codec => fluent
port => 24224
}
}
output {
if [@metadata][input_type] == "s3.access" {
clickhouse {
headers => ["Authorization", "Basic ${CLICKHOUSE_BASIC_AUTH}"]
http_hosts => ["${CLICKHOUSE_URL}", "${CLICKHOUSE_URL}"]
table => "${CLICKHOUSE_TABLE}"
flush_size => 1000
pool_max => 1000
idle_flush_time => 5
backoff_time => 3
request_tolerance => 5
automatic_retries => 1
save_on_failure => true
save_dir => "${CLICKHOUSE_SAVE_DIR}"
date_time_input_format => "best_effort"
skip_unknown => "1"
id => "clickhouse"
}
}
}
- Replication
- Store file with a Time To Live
- Failover Master Server
- Erasure coding for warm storage
- Server Startup Setup
- Environment Variables
- Filer Setup
- Directories and Files
- Data Structure for Large Files
- Filer Data Encryption
- Filer Commands and Operations
- Filer JWT Use
- Filer Cassandra Setup
- Filer Redis Setup
- Super Large Directories
- Path-Specific Filer Store
- Choosing a Filer Store
- Customize Filer Store
- Migrate to Filer Store
- Add New Filer Store
- Filer Store Replication
- Filer Active Active cross cluster continuous synchronization
- Filer as a Key-Large-Value Store
- Path Specific Configuration
- Filer Change Data Capture
- Cloud Drive Benefits
- Cloud Drive Architecture
- Configure Remote Storage
- Mount Remote Storage
- Cache Remote Storage
- Cloud Drive Quick Setup
- Gateway to Remote Object Storage
- Amazon S3 API
- AWS CLI with SeaweedFS
- s3cmd with SeaweedFS
- rclone with SeaweedFS
- restic with SeaweedFS
- nodejs with Seaweed S3
- S3 API Benchmark
- S3 API FAQ
- S3 Bucket Quota
- S3 API Audit log
- S3 Nginx Proxy
- Docker Compose for S3
- Hadoop Compatible File System
- run Spark on SeaweedFS
- run HBase on SeaweedFS
- run Presto on SeaweedFS
- Hadoop Benchmark
- HDFS via S3 connector
- Async Replication to another Filer [Deprecated]
- Async Backup
- Async Filer Metadata Backup
- Async Replication to Cloud [Deprecated]
- Kubernetes Backups and Recovery with K8up