In ELMA365, you can register and analyze events related to changes in user permissions and data.
For this purpose, the Security Audit module is used, which records all events in the system, and a separate Security Audit service, whose database stores the information obtained from the module.
Installation consists of four steps:
- Prepare the connection string for the PostgreSQL database.
- Download the Helm chart and configuration file.
- Fill out the configuration file.
- Install the Audit chart using Helm in the Kubernetes cluster.
Step 1: Prepare the connection string for the PostgreSQL database
The Security Audit service uses the PostgreSQL DBMS to store data. It is assumed that the data will be stored in a separate database, which requires the installation of uuid-ossp and pg_trgm extensions. When the service is first connected, all tables necessary for the service's operation will be created in the database. The volume of disk storage is estimated by the customer independently or based on the analysis of the company's activity. Read more about the necessary PostgreSQL configuration and installation of uuid-ossp and pg_trgm extensions in the Databases section.
Determine the name of the database for the Security Audit service. The default name is audit.
Prepare the PostgreSQL connection string for write and read operations in the format postgresql://user:password@hostname:port/databaseName?sslmode=disable, where:
useris the username of PostgreSQL having rights to the databasedatabaseName;passwordis the password for the PostgreSQL user;hostnameis the IP or domain name of the PostgreSQL server;portis the port for connecting to PostgreSQL (the standard port is5432;databaseNameis the name of the database (standard name isaudit);sslmodeis the use of a secure connection.
Step 2: Fill out the configuration file
For installation via the internet, obtain the configuration file values-audit.yaml by executing the command:
helm repo add elma365 https://charts.elma365.tech
helm repo update
helm show values elma365/audit > values-audit.yaml
Getting the configuration file for installation in a closed-loop environment without internet acces
helm repo add elma365 https://charts.elma365.tech For more details, see Download ELMA365 images.
tar -xf audit-X.Y.Z.tgz |
Step 3: Fill out the configuration file
Fill out the configuration file values-audit.yaml for the installation of the Audit service.
For the parameter psql_url, specify the PostgreSQL connection string obtained in Step 1. This article uses a connection string to PostgreSQL deployed in the Kubernetes cluster.
## Audit settings
audit:
global:
psql_url: "postgresql://postgres:pgpassword@postgres.default.svc.cluster.local:5432/audit?sslmode=disable"
...
To connect to the private registry, you need to::
## Audit settings |
Step 4: Install the Audit chart using Helm in the Kubernetes cluster
Install the audit chart in the namespace specified in Step 3 in the configuration file values-audit.yaml. The namespace will be created during installation if it was not previously created.
For internet installation:
helm upgrade --install elma365-audit elma365/audit -f values-audit.yaml -n audit --create-namespace
For offline installation without internet access:
helm upgrade --install elma365-audit ./audit -f values-audit.yaml -n audit --create-namespace
Начало внимание
Installing the Security Audit service component does not automatically include or install the Security Audit module on the ELMA365 application side.
Read more about installing the module and working with it in Security Audit module.
Конец внимание
Delete the Audit chart using helm in the Kubernetes cluster
Начало внимание
Before removing the Security Audit component, disable the use of the Secutiry Audit module on the ELMA365 application side.
Конец внимание
To delete the elma365-audit chart in namespace audit, execute the command:
helm uninstall elma365-audit -n audit
Found a typo? Highlight the text, press ctrl + enter and notify us