Security auditlog webhook sink with basic auth #11640
Conversation
Add documentation for username and password configuration settings that enable HTTP Basic Authentication for webhook audit log endpoints. These settings are now supported for webhook sinks in addition to external_opensearch sinks. Signed-off-by: Sander van de Geijn <sandervandegeijn@icloud.com>
sandervandegeijn
requested review from
AMoo-Miki,
dlvenable,
epugh,
kolchfa-aws,
natebower and
sumobrian
as code owners
|
Thank you for submitting your PR. The PR states are In progress (or Draft) -> Tech review -> Doc review -> Editorial review -> Merged. Before you submit your PR for doc review, make sure the content is technically accurate. If you need help finding a tech reviewer, tag a maintainer. When you're ready for doc review, tag the assignee of this PR. The doc reviewer may push edits to the PR directly or leave comments and editorial suggestions for you to address (let us know in a comment if you have a preference). The doc reviewer will arrange for an editorial review. |
|
@cwperks Could you review this PR? |
|
@sandervandegeijn What version is this for? |
|
Good question, for whichever version the PR will get merged into (not in my control :) ) |
| `plugins.security.audit.config.webhook.format` | String | The format in which the audit log message is logged, can be one of `URL_PARAMETER_GET`, `URL_PARAMETER_POST`, `TEXT`, `JSON`, `SLACK`. See [Formats](#formats). | ||
|
|
||
|
|
||
| ### Basic auth settings |
There was a problem hiding this comment.
The contents of this PR are good, but I think we can make these inline with the table above.
There was a problem hiding this comment.
I was in doubt, kept it together with the webhook section. Both are fine with me :)
3 participants
Description
Document the new settings for basic auth for auditlog through a webhook.
Issues Resolved
opensearch-project/security#5792
Version
main
Frontend features
None