This section instructs you on how to enable the audit logging in Gerrit by configuring the httpd requests logger. Fluentd collects the files with the error logs automatically.
Note
This feature is available starting from the MCP 2019.2.5 maintenance update. Before enabling the feature, follow the steps described in Apply maintenance updates.
To set up audit logging in Gerrit:
Log in to the Salt Master node.
Open the cluster level of your deployment model.
In the cicd/control/leader.yml
file, add following parameters:
parameters:
_param:
...
gerrit_extra_opts: "-Dlog4j.configuration=file:///var/gerrit/review_site/etc/log4j.properties"
gerrit_http_request_log: 'True'
...
linux:
system:
file:
"/srv/volumes/gerrit/etc/log4j.properties":
contents:
- log4j.logger.httpd_log=INFO,httpd_log
- log4j.appender.httpd_log=org.apache.log4j.ConsoleAppender
- log4j.appender.httpd_log.layout=com.google.gerrit.pgm.http.jetty.HttpLogLayout
Refresh pillars:
salt -C 'I@gerrit:client' saltutil.refresh_pillar
Create the log4j.properties
file:
salt -C 'I@gerrit:client' state.apply linux.system.file
Update the Gerrit service:
salt -C 'I@gerrit:client' state.apply docker.client