search

jenkinsci / datadog-plugin

A Jenkins plugin used to forward metrics, events, and service checks to an account at Datadog, automatically.
https://plugins.jenkins.io/datadog/
MIT License
33 stars 48 forks source link

Security events notifications are very spammy #49

Closed sodul closed 3 years ago

sodul commented 4 years ago

We use several tools that end up updating the apiTokenStats.xml and in p

Steps to reproduce the behavior:

  1. register a tool that access the jenkins API with a token such as ccmenu and monitor jobs.
  2. integrate the jenkins Datadog Plugin with security audit events
  3. get an influx of apiTokenStats.xml updates on DataDog: User anonymous changed file apiTokenStats.xml

Other notifications are lacking details to make them useful such as User SYSTEM changed file config.xml, with no context for which job this applies.

Expected behavior Stats files updates should not trigger a notification to Datadog and we should be able to have more fine grained control of what is sent to Datadog.

jeremystewart85 commented 4 years ago

Our event stream has also been getting a ton of these messages. I dug around in documentation that said there were some environment variables to try (DATADOG_JENKINS_PLUGIN_EMIT_SYSTEM_EVENTS), and I went into the Jenkins System Config page to add those but found these checkboxes instead under the Advanced button in the Datadog config section:

image

It would be nice to have more granular control over the different events inside of System and Security but this has stopped the event spam for now.

gzussa commented 4 years ago

Indeed there is a setting mentioned by @jeremystewart85 to turn this off.

I am switching this from a bug labeled issue to a feature request related issue. If we added more control into this, what events would you like to see by default?

Also, i am opening this open to grasp by the community if someone wants to give a shot at implementing something 😄