Add ApiKey expiration time to audit log #103959

Merged
elasticsearchmachine merged 6 commits into elastic:main from jfreden:add-exp-to-audit-log on Jan 11, 2024

@jfreden (Contributor) commented Jan 5, 2024

Follow up to PR: #103453

@jfreden added the :Security/Security label (Security issues without another label) Jan 5, 2024
@jfreden marked this pull request as ready for review January 5, 2024 11:19
@jfreden requested a review from n1v0lg January 5, 2024 11:19
@elasticsearchmachine added the Team:Security label (Meta label for security team) Jan 5, 2024
@elasticsearchmachine (Collaborator)

Pinging @elastic/es-security (Team:Security)

@elasticsearchmachine (Collaborator)

Hi @jfreden, I've created a changelog YAML for you.

@n1v0lg (Contributor) left a comment

LGTM, sorry for the delay!

For this one, we can go with a Security/Audit label. Also, two follow ups, one related to audit logging, other generically to the addition of the new field (forgot about this one before):

@jfreden added the :Security/Audit label (X-Pack Audit logging) and removed the :Security/Security label (Security issues without another label) Jan 11, 2024
@jfreden (Contributor, Author) commented Jan 11, 2024

Thanks for the review!

We should update audit event docs: https://www.elastic.co/guide/en/elasticsearch/reference/current/audit-event-types.html (under change_apikey and other event types where it matters) to reflect the new field

Added it to this PR.

We might need to update the API spec -- this is used to generate ES client definitions. See this PR for an example: elastic/elasticsearch-specification#2371

Will work on a separate PR for this.

@jfreden force-pushed the add-exp-to-audit-log branch from 349518e to a053184 January 11, 2024 08:29
@jfreden added the auto-merge-without-approval label (Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!)) Jan 11, 2024
@elasticsearchmachine merged commit cc9fba3 into elastic:main Jan 11, 2024
@jfreden deleted the add-exp-to-audit-log branch January 11, 2024 09:41

Labels

auto-merge-without-approval (Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!)), >enhancement, :Security/Audit (X-Pack Audit logging), Team:Security (Meta label for security team), v8.13.0
