search

metal-stack / gardener-extension-audit

A Gardener extension that provides audit forwarding to different backends
MIT License
1 stars 2 forks source link

Support for OpenSearch backend #25

Open simcod opened 2 weeks ago

simcod commented 2 weeks ago

This issue documents approaches on how to make audit logs accessible for OpenSearch.

Option 1: Reconfigure Fluent Bit output section to have a structure like:

[OUTPUT]
   Name opensearch
   Match *
   Host 1.2.3.4
   Port 9200
   Index fluent-bit
   Type _doc

Source 1 Source 2 Source 3

Option 2: Extend gardener-extension-audit with another backend of type OpenSearch to send audit logs to:

type AuditBackendOpenSearch struct { ... }

simcod commented 2 weeks ago

In my opinion option 2 might be necessary.