0

We have upgraded thruk from 2.26 to version 2.44

We want this audit log feature to work when users access thruk through website.

      logfile = /var/log/audit/thruk-%Y.%m.%d.log 
      login = 1 
      logout = 1 
      session = 1 
      external_command = 1 
      configtool = 1 
</audit_logs>```

Currently it's logging only session creation. Is there any dependency for this?  what other criteria should be met for audit logs to work? Does it work only for cookie based authentication?
Shanti_Khot
  • 1
  • How do you authenticate? The login/logout can only be logged if done by Thruk, if its done by Apache (ex. by basic auth or kerberos sso instead of cookie auth) then there is no way for Thruk to know about the login. – sni Jul 28 '21 at 06:51
  • Hello...We are authenticating users with LDAP. Can you please tell what do you mean by "if done by thruk"? How to do authentication by thruk? Is it done using htpasswd file? – Shanti_Khot Jul 29 '21 at 14:55
  • Also, we define users in thruk and it is thruk that hands off login and logoff. So shouldn't thruk know that user has logged in? Any suggestion/advise/clarification is really appreciated. We need to these logs for compliance. :) – Shanti_Khot Aug 05 '21 at 19:54
  • Hello, we really need help with this. – Shanti_Khot Oct 07 '21 at 17:01

0 Answers0