SLIDE 1
LOONYCORN
www.loonycorn.com
Managing Functions in Couchbase Kishan Iyer LOONYCORN - - PowerPoint PPT Presentation
Managing Functions in Couchbase Kishan Iyer LOONYCORN - - PowerPoint PPT Presentation
Managing Functions in Couchbase Kishan Iyer LOONYCORN www.loonycorn.com Overview Redacting sensitive information from logs Function statistics from the Eventing Service Statistics graphs for functions Auditing in Couchbase Couchbase
SLIDE 2
SLIDE 3
Auditing in Couchbase
SLIDE 4
Couchbase Auditing Facility
Recognizes specific, server-generated events that can be logged for audit purposes.
SLIDE 5
Types of Audit Events
Admin events: Administrative and configuration changes to cluster Data events: Attempts to access and change data
SLIDE 6
Examples of Audited Events
Successful login Unsuccessful login Bucket creation Bucket TTL modification User creation Index creation
SLIDE 7
Mechanics of Auditing
When auditing is enabled, logged events are saved to audit.log Events are audited on a per-node basis Each node captures its own events only For cluster-wide records, manual consolidation by admin is required
SLIDE 8
Mechanics of Auditing
Default log file is named audit.log Log file is automatically rotated, saved, and timestamped New empty audit.log created Rotation happens either
- At specified interval ranging from 15
minutes (min) to 7 days (max)
- When file reaches 20 MB in size
SLIDE 9
Non-filterable Events
By default, auditing is disabled If auditing is enabled, certain events will always be logged
- These are called non-filterable events
Other events can be individually marked for exclusion from audit.log
- These events are called filterable
SLIDE 10
Categories of Audit Events
Several broad categories of audit events
- REST API events
- Data Service events
- Eventing Service events
- …
Within each category, individual events maybe Data or Admin events
SLIDE 11
Eventing Service Audit Events
All audit events of the Eventing Service are Admin Events Create/Delete/Export/Import Function Save/Fetch/Delete Drafts and Config List Running Functions Start/Stop Debug
SLIDE 12
Functions Logs and Stats
SLIDE 13
Functions Log
Eventing Service maintains two types of logs
- Application log that functions can
write to e.g. from try-catch blocks
- System log that functions can not
write to
SLIDE 14
Log Redaction
Couchbase Server provides way to redact sensitive data from log Post-redaction, logs can be shared for troubleshooting Avoids potential regulatory compliance issues related to data-sharing
SLIDE 15
Log Redaction is available
- nly for System Logs, not for
Application Logs
SLIDE 16
Redactable Data
JSON key/value pairs Usernames Names and email addresses Extended attributes Query fields referencing such data
SLIDE 17
Redactable Data
Redacted text will be substituted with hashed text Hashing performed using SHA1 Redaction may also eliminate non-private data Redaction performed during log- collection, slowing process significantly
SLIDE 18
Redactable Data
Couchbase currently (v6.5) supports partial redaction Full redaction will be available in a forthcoming version
- Also will redact metadata
SLIDE 19
Demo
Auditing Actions on Couchbase Functions
SLIDE 20
Demo
Explicit Logging and Redaction
SLIDE 21
Demo
Retrieving Function Statistics
SLIDE 22
Demo
Cleaning Up
SLIDE 23
Summary
Redacting sensitive information from logs Function statistics from the Eventing Service Statistics graphs for functions
SLIDE 24