feat(logshipper): add config to send audit logs

cloudoperators · Sep 5, 2024 · 12e4916 · 12e4916
1 parent 62f6c7d
commit 12e4916
Show file tree

Hide file tree

Showing 2 changed files with 43 additions and 3 deletions.
diff --git a/charts/greenhouse/Chart.yaml b/charts/greenhouse/Chart.yaml
@@ -5,7 +5,7 @@ apiVersion: v2
 name: greenhouse
 description: A Helm chart for deploying greenhouse
 type: application
-version: 0.2.1
+version: 0.2.2
 appVersion: "0.1.0"
 
 dependencies:

diff --git a/charts/greenhouse/templates/pluginconfig-logshipping.yaml b/charts/greenhouse/templates/pluginconfig-logshipping.yaml
@@ -8,7 +8,7 @@ apiVersion: greenhouse.sap/v1alpha1
 kind: Plugin
 metadata:
   name: logshipper-greenhouse
-  namespace: {{ .Chart.Name }}
+  namespace: {{ .Release.Namespace }}
 spec:
   pluginDefinition: logshipper
   disabled: false
@@ -41,5 +41,45 @@ spec:
       value: {{ index .Values "logshipping" "fluent-bit" "hotReload" "image" "repository" }}
     - name: fluent-bit.filter.additionalValues
       value:
-        {{- index .Values "logshipping" "fluent-bit" "additionalValues" | toYaml | nindent 8 }}
+        {{- index .Values "logshipping" "fluent-bit" "additionalValues" | toYaml | nindent 8 -}}
+{{ if .Values.logshipping.octobus }}
+    - name: fluent-bit.config.inputs: |-
+        [INPUT]
+            Name             tail
+            Path             /var/log/containers/greenhouse-controller-manager*.log
+            Parser           cri
+            Tag              audit.*
+            Refresh_Interval 5
+            Mem_Buf_Limit    50MB
+            Skip_Long_Lines  Off
+            Ignore_Older     1m
+            DB               /var/log/fluent-bit-audit-tail.pos.db
+    - name: fluent-bit.config.filters: |-
+        [FILTER]
+            Name               grep
+            Match              audit.*
+            Regex              AdmissionRequest
+
+        [FILTER]
+            Name record_modifier
+            Match *
+            Record sap.cc.audit_source greenhouse
+            Record sap.cc.cluster {{ index .Values "global" "cluster" }}
+            Record sap.cc.region {{ index .Values "global" "region" }}
+    - name: fluent-bit.config.outputs: |-
+        [OUTPUT]
+            Name  http
+            Match audit.*
+            Host  {{ index .Values "fluent-bit" "backend" "octobus" "host"}}
+            Port  443
+            URI   {{ index .Values "fluent-bit" "backend" "octobus" "uri"}}
+            Format json_lines
+            tls true
+            tls.verify true
+            tls.ca_file /etc/ssl/certs/ca-certificates.crt
+    - name: fluent-bit.backend.octobus.host
+      value: {{ index .Values "logshipping" "octobus" "host" }}
+    - name: fluent-bit.backend.octobus.uri
+      value: {{ index .Values "logshipping" "octobus" "uri" }}
+{{- end -}}
 {{- end -}}