Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Audit log doesn't work #4309

Open
4 tasks done
WarszawskiDev opened this issue Oct 27, 2023 · 8 comments
Open
4 tasks done

Audit log doesn't work #4309

WarszawskiDev opened this issue Oct 27, 2023 · 8 comments
Labels
status/triage Issues pending maintainers triage type/bug Something isn't working

Comments

@WarszawskiDev
Copy link

WarszawskiDev commented Oct 27, 2023
edited
Loading

Issue submitter TODO list

  • I've looked up my issue in FAQ
  • I've searched for an already existing issues here
  • I've tried running master-labeled docker image and the issue still persists there
  • I'm running a supported version of the application which is listed here

Describe the bug (actual behavior)

I have Apache Kafka UI cluster section configured same like described in this documentation page: https://docs.kafka-ui.provectus.io/configuration/audit-log

kafka:
  clusters:
    - name: local
      BOOTSTRAPSERVERS: kafka1:19092
      audit:
        topic-audit-enabled: true
        console-audit-enabled: true
        topic: "__kui-audit-log" # default name
        audit-topic-properties: # any kafka topic properties in format of a map
          - retention.ms: 43200000
        audit-topics-partitions: 1 # how many partitions, default is 1
        level: ALL # either ALL or ALTER_ONLY (default). ALL will log all read operations.

I also have rdap with azure oauth2 configured based on roles - if it's important
Applications starts normally but there is no even any information about audit logs in console (also with log level trace) and audit topic is not present

docker-compose file:

kafka-ui:
    container_name: kafka-ui
    image: provectuslabs/kafka-ui:latest
    ports:
      - 2222:8080
    depends_on:
      - kafka1
    volumes:
      - /kui-config.yml:/kui-config.yml
    environment:
      SPRING_CONFIG_ADDITIONAL-LOCATION: /kui-config.yml

Expected behavior

Audi log should log information about topic/message access on both audit log topic and in console

Your installation details

  1. 0.7.1
  2. Code available in description section

Steps to reproduce

Run application with audi log enabled like described here: https://docs.kafka-ui.provectus.io/configuration/audit-log

Screenshots

No response

Logs

No response

Additional context

No response
@WarszawskiDev WarszawskiDev added status/triage Issues pending maintainers triage type/bug Something isn't working labels Oct 27, 2023
@github-actions
Copy link

Hello there WarszawskiDev! 👋

Thank you and congratulations 🎉 for opening your very first issue in this project! 💖

In case you want to claim this issue, please comment down below! We will try to get back to you as soon as we can. 👀

@andyhuynh3
Copy link

I was able to get audit logging working with the master tag and with the properties as camelCase rather than kebab-case. So for example, something like

kafka:
  clusters:
    - name: local
      BOOTSTRAPSERVERS: kafka1:19092
      audit:
        topicAuditEnabled: true
        consoleAuditEnabled: true
        topic: "__kui-audit-log" # default name
        auditTopicProperties: # any kafka topic properties in format of a map
          - retention.ms: 43200000
        auditTopicsPartitions: 1 # how many partitions, default is 1
        level: ALL # either ALL or ALTER_ONLY (default). ALL will log all read operations.

@yusaito01 yusaito01 mentioned this issue Nov 2, 2023
Open
4 tasks
@odorT
Copy link

odorT commented Mar 3, 2024

I was able to get audit logging working with the master tag and with the properties as camelCase rather than kebab-case. So for example, something like

kafka:
  clusters:
    - name: local
      BOOTSTRAPSERVERS: kafka1:19092
      audit:
        topicAuditEnabled: true
        consoleAuditEnabled: true
        topic: "__kui-audit-log" # default name
        auditTopicProperties: # any kafka topic properties in format of a map
          - retention.ms: 43200000
        auditTopicsPartitions: 1 # how many partitions, default is 1
        level: ALL # either ALL or ALTER_ONLY (default). ALL will log all read operations.

This config worked for me by changing

auditTopicProperties: # any kafka topic properties in format of a map
  - retention.ms: 43200000

to

auditTopicProperties: # any kafka topic properties in format of a map
  retention.ms: 43200000

@peddakotlareddy
Copy link

peddakotlareddy commented Apr 8, 2024
edited
Loading

After adding above config the __kui-audit-log topic created but the messages are not coming, what might be the issue?

This is my configuration
audit:
topicAuditEnabled: true
consoleAuditEnabled: true
topic: "__kui-audit-log" # default name
auditTopicProperties: # any kafka topic properties in format of a map
retention.ms: 43200000
auditTopicsPartitions: 1 # how many partitions, default is 1
level: ALL # either ALL or ALTER_ONLY (default). ALL will log all read operations.

@nfsvtrifork
Copy link

I was facing the same issue using the Helm chart. I resolved the issue by using camelCase (as mentioned above) and bumping the Helm version to 0.7.6 (equivalent to Kafka UI version v0.7.2).

So the issue seems to have been resolved in the latest release

@odorT
Copy link

odorT commented Apr 22, 2024

for me, still it does not work.

kafka-ui kafka-ui 42 2024-04-22 12:16:27.591323943 +0400 +04 deployed kafka-ui-0.7.6 v0.7.2

ERROR [parallel-8] r.c.p.Operators: Operator called default onErrorDropped
reactor.core.Exceptions$ErrorCallbackNotImplemented: java.lang.ClassCastException: Cannot cast com.provectus.kafka.ui.config.auth.RbacOidcUser to org.springframework.security.core.userdetails.UserDetails
Caused by: java.lang.ClassCastException: Cannot cast com.provectus.kafka.ui.config.auth.RbacOidcUser to org.springframework.security.core.userdetails.UserDetails

@Haarolean
Copy link
Contributor

Please note this repo is not maintained (#4255), but we've fixed this issue here: https://github.com/kafbat/kafka-ui
Eager to see your feedback & stars there :)

@peddakotlareddy
Copy link

For me it is working and able to see audit logs, This is my config

 **ldap:
      urls: ldap://ldap.yourdomain.in
      base: "cn={0},ou=people,dc=planetexpress,dc=com"
      admin-user: "cn=admin,dc=planetexpress,dc=com"
      admin-password: "GoodNewsEveryone"
      user-filter-search-base: "ou=people,dc=planetexpress,dc=com"
      user-filter-search-filter: "(&(cn={0})(objectClass=user)(|(memberof=cn=<user group>,ou=people,dc=planetexpress,dc=com)))"
      group-filter-search-base: "ou=people,dc=planetexpress,dc=com" 
  oauth2:
    ldap:
      activeDirectory: false
      aсtiveDirectory:
        domain: <domain>
  logging:
    level:
      root: debug
      com.provectus: debug
      org.springframework.security: debug
  kafka:
    clusters:
    - bootstrapServers: <url>
      name: kafka
      audit:
        topicAuditEnabled: true
        consoleAuditEnabled: true
        topic: "__kui-audit-log" # default name
        auditTopicProperties: # any kafka topic properties in format of a map
          retention.ms: 43200000
        auditTopicsPartitions: 1 # how many partitions, default is 1
        level: ALTER_ONLY # either ALL or ALTER_ONLY (default). ALL will log all read operations.**

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status/triage Issues pending maintainers triage type/bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@Haarolean @andyhuynh3 @WarszawskiDev @odorT @nfsvtrifork @peddakotlareddy