This message was deleted.
# general
a
This message was deleted.
d
This is all configured in the Rancher install helm chart, and the Audit Log location, it is best to use the default location for the logs, as they are acutally mounted to the container. any change to the location would also require new mounts to be added and passed to the container
l
yes, I have that all set, and the logs are being created in the path that I specified. It's just a specific action that I'm not seeing reflected in that log.
d
what is the audit log level
l
I have that set to 3
d
try lowering it to 2
l
isn't that less information?
d
I see you are correct
What are you missing from the logs? specific types of audit? The user name of the logged in user is hashed and can be found in rancher to decode what user is doing what
l
I added a user to a project as a cluster member (through the gui), and nothing was logged for that event. Similarly I removed that user and didn't see any record for it. I searched for both the username and the internal Rancher (u-) user ids in the audit log and nothing was returned
d
Did you look for rb- being deleted
that would be the role binding for the project
or crb-
l
I'll take a look at that