Theodor Vallier via FreeIPA-users wrote: > Hello all, > > I'm trying to log more details when there are operations on users, such as > modifications (MOD). The goal is to detect legitimate user modifications like > login or password changes, and differentiate them from non-legitimate ones > such as default shell modifications. > > I attempted to change the access log level without success; the activation of > the audit plugin shows me the changes, but it is not usable (it's not syslog > compliant and can't be correlated to MOD requests). > > Is anyone able to log which fields a MOD request changes?
What sort of thing are you looking for specifically? The audit log is pretty much the gold standard even if the formatting is strange. If you enable debug on the IPA server you can get more robust logging at the cost of log spamming. To enable that create /etc/ipa/server.conf with contents: [global] debug = True And restart httpd. rob -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
