Comprehensive audit logging for applications access events

gravitational / teleport

The easiest, and most secure way to access and protect all of your infrastructure.

https://goteleport.com

GNU Affero General Public License v3.0

17.59k stars 1.76k forks source link

Comprehensive audit logging for applications access events #15892

Open oshati opened 2 years ago

oshati commented 2 years ago

What would you like Teleport to do? Teleport should log all web application access events - user actions happening on the the target application as Audit log entries akin to enhanced recording for ssh where every command is logged in the audit log

What problem does this solve? more comprehensive audit logs for applications access

If a workaround exists, please include it. #11334

gz#6454

programmerq commented 2 years ago

Also relevant: https://github.com/gravitational/teleport/issues/11418

dmsergeevN26 commented 1 year ago

Our use case here is to be able to have the audit logging the way, for example, kubernetes api calls are logged. We are shipping audit logs into SIEM. Having the ability to replay an app access session as explained in https://github.com/gravitational/teleport/issues/11418 doesn't really bring any value. We do not require logging of the payload; just the path, query params, response codes, verb.