Mentions légales du service

Skip to content

[compuVault] tracer des actions d'utilisation dans syslog

Yao CHI requested to merge compuVault into master

discuté avec Dominique L. pour l'homologation de compuvault.

actions à tracer: qui, à quelle heure a ouvert/monté/libéré le volume chiffré.

dans les syslog, ca donne désormais ceci:

g5kadmin@syslog.rennes.grid5000.fr(kvm|pve):/var/log/clients$ grep -R "CompuVault" * | sed -E 's/.*([0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}).*/\1 &/' | sort | awk '$1 >= "2024-11-01T00:00:00" && $1 <= "2024-11-14T23:59:59"'
2024-11-14T14:16:13 all.log:<86>1 2024-11-14T14:16:13.516423+01:00 parasilo-25-kavlan-5.rennes.grid5000.fr ychi - - [timeQuality tzKnown="1" isSynced="1" syncAccuracy="1216785"] CompuVault encrypted storage cv-poc opened on parasilo-25.rennes by ychi at 2024-11-14 14:16:13
2024-11-14T14:16:13 all.log:<86>1 2024-11-14T14:16:13.565188+01:00 parasilo-25-kavlan-5.rennes.grid5000.fr ychi - - [timeQuality tzKnown="1" isSynced="1" syncAccuracy="1216785"] CompuVault encrypted storage cv-poc mounted on parasilo-25.rennes by ychi at 2024-11-14 14:16:13
2024-11-14T14:16:13 parasilo-25-kavlan-5.rennes.grid5000.fr/parasilo-25-kavlan-5.rennes.grid5000.fr.log:<86>1 2024-11-14T14:16:13.516423+01:00 parasilo-25-kavlan-5.rennes.grid5000.fr ychi - - [timeQuality tzKnown="1" isSynced="1" syncAccuracy="1216785"] CompuVault encrypted storage cv-poc opened on parasilo-25.rennes by ychi at 2024-11-14 14:16:13
2024-11-14T14:16:13 parasilo-25-kavlan-5.rennes.grid5000.fr/parasilo-25-kavlan-5.rennes.grid5000.fr.log:<86>1 2024-11-14T14:16:13.565188+01:00 parasilo-25-kavlan-5.rennes.grid5000.fr ychi - - [timeQuality tzKnown="1" isSynced="1" syncAccuracy="1216785"] CompuVault encrypted storage cv-poc mounted on parasilo-25.rennes by ychi at 2024-11-14 14:16:13
2024-11-14T14:16:45 all.log:<86>1 2024-11-14T14:16:45.821901+01:00 parasilo-25-kavlan-5.rennes.grid5000.fr ychi - - [timeQuality tzKnown="1" isSynced="1" syncAccuracy="57460"] CompuVault encrypted storage cv-poc disconnected on parasilo-25.rennes by ychi at 2024-11-14 14:16:45
2024-11-14T14:16:45 parasilo-25-kavlan-5.rennes.grid5000.fr/parasilo-25-kavlan-5.rennes.grid5000.fr.log:<86>1 2024-11-14T14:16:45.821901+01:00 parasilo-25-kavlan-5.rennes.grid5000.fr ychi - - [timeQuality tzKnown="1" isSynced="1" syncAccuracy="57460"] CompuVault encrypted storage cv-poc disconnected on parasilo-25.rennes by ychi at 2024-11-14 14:16:45

idéalement, il faut tracer les mêmes actions côté serveur. les logs en plus du côté serveur montrent les "violations d'utilisations" (qqn qui tente d'accéder au volume chiffré sans passer par armored node et le script compuvault).

Edited by Yao CHI

Merge request reports