-
Notifications
You must be signed in to change notification settings - Fork 8.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pipe X-Opaque-Id
header to AuditTrail logs and Elasticsearch API calls
#62018
Comments
Pinging @elastic/kibana-platform (Team:Platform) |
@jportner Previously we mentioned adding a config that allows the operator to specify which IP addresses this header should be accepted from. Is that a requirement for the MVP? |
No, but we should provide a config option to disable this behavior. |
@jportner What are the requirements regarding |
I would expect that any Elasticsearch operation resulting from a single inbound HTTP request would have the same I don't necessarily think background "tasks" should be treated the same way, though. Perhaps @thomheymann and/or @arisonl can weigh in. |
Agreed 👍
Do you have an example of such a background task? The way I understand the aim of the |
Some examples of background tasks:
I generally agree that it makes sense to use a unique identifier per invocation of a given task or job. The tricky part is where in the actual code do we generate this and how do we ensure that all audittrail events are bound to that ID. My plan is to leverage the
This assumes that the |
Supports #52125
Related #60119
We need to be able to correlate different logs in the regular system logger, Kibana's audit logs, and Elasticsearch's audit logs to the same user request.
When the
X-Opaque-Id
has been set on the request (for example, by a reverse proxy), we should:elasticsearch.requestHeadersWhitelist
configuration option. This should be verified that this works.The text was updated successfully, but these errors were encountered: