Open simcod opened 2 weeks ago
This issue documents approaches on how to make audit logs accessible for OpenSearch.
Option 1: Reconfigure Fluent Bit output section to have a structure like:
[OUTPUT] Name opensearch Match * Host 1.2.3.4 Port 9200 Index fluent-bit Type _doc
Source 1 Source 2 Source 3
Option 2: Extend gardener-extension-audit with another backend of type OpenSearch to send audit logs to:
gardener-extension-audit
OpenSearch
type AuditBackendOpenSearch struct { ... }
In my opinion option 2 might be necessary.
This issue documents approaches on how to make audit logs accessible for OpenSearch.
Option 1: Reconfigure Fluent Bit output section to have a structure like:
Source 1 Source 2 Source 3
Option 2: Extend
gardener-extension-audit
with another backend of typeOpenSearch
to send audit logs to:type AuditBackendOpenSearch struct { ... }