Session start audit log would have the same client IP record name. All start sessions would have the client IP.
Current behavior:
Kubernetes interactive start session does not have the client IP. k8s start session records a record of "addr.remote": "0.0.0.0:0" which is likely the case for a reverse tunnel k8s service connection.
DB start sessions does not include client IP.
Windows start session records client IP as addr.local, with windows server as addr.remote.
SSH session records client IP as addr.remote.
Application records as client IP addr.remote.
Bug details:
Teleport version: 14.3.6
Recreation steps
Create interactive sessions for k8s, SSH and Windows
Expected behavior:
Session start audit log would have the same client IP record name. All start sessions would have the client IP.
Current behavior:
Kubernetes interactive start session does not have the client IP. k8s start session records a record of "addr.remote": "0.0.0.0:0" which is likely the case for a reverse tunnel k8s service connection.
DB start sessions does not include client IP.
Windows start session records client IP as
addr.local
, with windows server asaddr.remote
.SSH session records client IP as
addr.remote
.Application records as client IP
addr.remote
.Bug details: