- Notifications
You must be signed in to change notification settings - Fork905
feat: add support for workspace app audit#16801
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
e94f72d to054a301CompareUh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
coderd/database/migrations/000301_add_workspace_app_audit_sessions.up.sql OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
coderd/database/migrations/000301_add_workspace_app_audit_sessions.up.sql OutdatedShow resolvedHide resolved
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
I've implemented the requested changes, PTAL. Up-to-date view of audit log:  We still don't have any custom handling for terminal entry and port forward entry, they will just say "opened the agent". |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
I don't have any further comments! Thanks for working on this@mafredri !
| switch { | ||
| case alog.AuditLog.StatusCode == int32(http.StatusSeeOther): | ||
| _, _ = b.WriteString("was redirected attempting to ") | ||
| _, _ = b.WriteString(string(alog.AuditLog.Action)) | ||
| case alog.AuditLog.StatusCode >= 400: | ||
| _, _ = b.WriteString("unsuccessfully attempted to ") | ||
| _, _ = b.WriteString(string(alog.AuditLog.Action)) | ||
| } else { | ||
| default: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
👍
de41bd6 intomainUh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
This change adds support for workspace app auditing.
To avoid audit log spam, we introduce the concept of app audit sessions. An audit session is unique per workspace app, user, ip, user agent and http status code. The sessions are stored in a separate table from audit logs to allow use-case specific optimizations. Sessions are ephemeral and the table does not function as a log.
The logic for auditing is placed in the DBTokenProvider for workspace apps so that wsproxies are included.
This is the final change affecting the API fo#15139.
Updates#15139