Note
This feature is available starting from the MCP 2019.2.6 maintenance update. Before using the feature, follow the steps described in Apply maintenance updates.
This section instructs you on how to configure remote logging for auditd.
To configure remote logging for auditd:
Log in to the Salt Master node.
In the classes/cluster/<cluster_name>/
directory, open one of the
following files:
infra/init.yml
.openstack/compute/init.yml
for all
OpenStack compute nodes.Configure the remote host using the following exemplary pillar:
parameters:
audisp:
enabled: true
remote:
remote_server: <ip_address or hostname>
port: <port>
local_port: any
transport: tcp
...
key1: value1
Refresh pillars on the target nodes:
salt <nodes> saltutil.refresh_pillar
Apply the auditd.audisp state on the target nodes:
salt <nodes> state.apply auditd.audisp