[BUG] Audit logging fails to log the request if Rest request is invalid #1849
Comments
[Triage] We wouldn't recommend logging invalid requests by default. However, we'd be interested to review a pull request. @jimishs Can you please provide more inputs here?
@jimishs To be more clear - Invalid requests are pretty common. For example, a request with wrong syntax (could even be caused by a typo or anything) is an invalid request. It doesn't even reach the server because it's a bad request. So it seems not related to security at all. In this case, we'd like to have your inputs on how much value there is in supporting this case in Audit Logging.
Adding further comments - Correct, not all invalid requests can be logged. However, if a request is reaching the security plugin and its AuthN is checked, the plugin should not fail at logging it.
[Triage] @shikharj05 Closing this issue as it's been inactive for over 6 months. Please re-open if this is still an issue to be addressed.
[Triage] Hi @shikharj05, thank you for confirming this issue still persists. We would be happy to review a PR looking to introduce this behavior as a configurable option for a cluster.
Here if request body Audit logging is enabled, we are trying to log the request body. This check ensures that there is request body present. contentOrSourceParam method throws But in case there is Proposed Solution:
…s invalid. Resolves opensearch-project#1849 Signed-off-by: Aayush Singhal <siaayush@amazon.com>
Closing the issue as #4232 is merged.
What is the bug?
Audit logging doesn't log a failed request if request body fails to match content-type header or required parameters. For example, if request body logging is enabled and passed content-type is unsupported, the following method can see OpenSearchParseException or IllegalStateException thrown from here. Since the exception is not handled by caller, the log method fails to log the request.
How can one reproduce the bug?
Steps to reproduce the behavior:
curl -XGET 'https://localhost:9200/?source=abc' --insecure -H 'content-type: '
What is the expected behavior?
These exceptions should be handled in the method here
What is your host/environment?
Do you have any screenshots?
NA
Do you have any additional context?
NA
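An added illustration of the failure mode this issue describes, not code from the security plugin or from #4232: an audit logger that loses the event when reading the body throws, beside a version that records the event with a marker instead. Every class, record and method name is a hypothetical stand-in (`BodyParseException` stands in for OpenSearchParseException), and the exception messages and sample request are constructed.

```java
import java.util.ArrayList;
import java.util.List;

// Added illustration; all names are hypothetical stand-ins, not the plugin's API. Java 16+.
public class AuditBodyLoggingExample {

    // Stand-in for the parse failure the issue names (OpenSearchParseException).
    static class BodyParseException extends RuntimeException {
        BodyParseException(String m) { super(m); }
    }

    // Stand-in for a REST request whose body may arrive via the "source" parameter.
    record Request(String path, String contentType, String sourceParam) {
        String bodyOrSourceParam() {
            if (contentType == null || contentType.isBlank())
                throw new IllegalStateException("no usable content-type (constructed message)");
            if (!contentType.equals("application/json"))
                throw new BodyParseException("unsupported content-type (constructed message)");
            return sourceParam;
        }
    }

    // Before: the exception escapes, so no audit event is written at all.
    static void logFragile(Request r, List<String> sink) {
        sink.add("path=" + r.path() + " body=" + r.bodyOrSourceParam());
    }

    // After: the event is always recorded; an unreadable body becomes a marker.
    static void logHardened(Request r, List<String> sink) {
        String body;
        try {
            body = r.bodyOrSourceParam();
        } catch (BodyParseException | IllegalStateException e) {
            // Record only the exception type, not raw request input.
            body = "<unreadable: " + e.getClass().getSimpleName() + ">";
        }
        sink.add("path=" + r.path() + " body=" + body);
    }

    public static void main(String[] args) {
        // Constructed input shaped like the reproduction: source=abc, empty content-type.
        Request bad = new Request("/", "", "abc");
        List<String> fragile = new ArrayList<>(), hardened = new ArrayList<>();
        try { logFragile(bad, fragile); } catch (RuntimeException e) { /* event lost to the audit trail */ }
        logHardened(bad, hardened);
        System.out.println("fragile events:  " + fragile);
        System.out.println("hardened events: " + hardened);
    }
}
```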