Uploaded image for project: 'HPCC'
  1. HPCC
  2. HPCC-23151

Document disabling whitelist and logging behaviour when enabled/disabled

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 7.6.16
    • Component/s: Documentation
    • Labels:
      None

      Description

      When upgrading a cluster to a version with white listing enabled by default, where there are other interacting environments, it can be useful to initially disable white listing as a means to audit what external components are trying to connect with it.

      Can we document how to disabled white listing, e.g.:

      <WhiteList enabled="false"/>
      

      And also document that when disabled, that each client that would be refused access if white listing were enabled, will cause logging like this to the DaServer.log e.g.:

      00000017 Operator 2019-11-20 16:58:39.617 17056 17074 "WhiteListing is disabled, ignoring: Access denied! [client ip=192.168.9.12, role=DaliDiag] not whitelisted"

       

      Operations can leave disabled for a period and collate logging like this, to get a picture of what legitimate or potentially suspicious clients are trying to connect.

        Attachments

          Activity

            People

            • Assignee:
              jamesdefabia Jim DeFabia
              Reporter:
              jakesmith Jake Smith
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: