trisul_audit_logger
This is an old revision of the document!
−Table of Contents
what is Audit Log
Audit log is a trisul feature which allows you to monit the overall activities in trisul like login, logout, create/delete user, password change, start/stop node …etc.
How to use it
trisul writes all the audit logs in a fill called audit.log which is located in
usr/local/var/log/trisul-hub/webtrisul/
you can open this file and see the logs.
Log Format
Here is an example audit log entry
19-09-2024 18:39:14 INFO 192.168.1.20 127.0.0.1 user default - User successfully logged in
Format
| Name | Sample Value | discription |
|---|---|---|
| Time stamp | 19-09-2024 18:39:14 | |
| Sevierity Level | INFO | |
| HTTP Real IP | 192.168.1.20 | |
| Request IP | 127.0.0.1 | |
| User name | user | |
| Context name | default | |
| Log message | User successfully logged in |
If you have load balancer you will see the user ip in the real ip field or if you dont use any loadbalancer you will see the ip in the request_ip field and the real_ip field will have the local ip.
HTTP Real IP allows you to get the true client IP rather than the IP of the proxy.
If the application is behind a proxy and the X-Forwarded-For header is present, request.ip will typically return the IP of the proxy server instead of the client.
trisul_audit_logger.1728470202.txt.gz · Last modified: 2024/10/09 16:06 by partha