Viewing change logs for Wired

When you configure virtual infrastructure in the Wired portal, the low-level details of your changes are written to change logs. You can view these logs in the Red Hat® OpenShift® CLI or the Kibana application.

Log fields

When you create, update, or delete an object in the portal, a message is created in the pod logs that contains these fields:
Field Description
AuditEvent A hardcoded string that identifies the Wired portal as the source of the log message.
timestamp The date and time of the change.
principal The user that requests the change.
type The type of event that causes the message to be created, for example, HTTP_REQUEST.
Action Taken The action that the user takes, for example, CREATE.
Comment Information about the source or purpose of the change, for example, API call.
Tenant Id The ID of the Wired customer group that the user belongs to.
Request Uri A unique identifier that indicates the source of the change, for example, /api/v1/cloudProviderAccounts.
RemoteIpAddr The user's IP address.
authorities The Cloud Pak tenant ID that the user's security group belongs to. This ID is used when the change is saved in Site Planner.

Viewing the logs in the Red Hat OpenShift CLI

To view the logs in the Red Hat OpenShift CLI, complete the following steps:
  1. If application logging is not enabled for the Wired portal, enable it by completing the following substeps:
    1. Edit the Wired CR by running this command:
      oc edit cp4nawired cp4nawired-default -n <namespace>

      <namespace> is the namespace where the Wired portal is installed.

    2. Set the mcnpEnableAuditLog attribute to true.
    3. Configure the logging level by setting the mcnpLogLevel attribute. The following levels are supported:
      • INFO
      • DEBUG
      The default level is INFO. When the level is set to DEBUG, more detailed information is written to the logs.
    4. Save your changes.
  2. Get the names of the Wired pods, that is, the mcnp pods, by running this command:
    oc get pods -n <namespace> | grep -i mcnp
  3. If you enabled application logging in step 1, restart the mcnp pods by running this command for each pod:
    oc delete pod -n <namespace> <mcnp_pod_name>

    <mcnp_pod_name> is the name of the mcnp pod.

    The pods restart automatically.

  4. View the logs in each mcnp pod by running this command:
    oc logs -f <mcnp_pod_name> | grep "AuditEvent"

    <mcnp_pod_name> is the name of the mcnp pod.

Viewing the logs in Kibana

Ensure that Red Hat OpenShift Logging is installed on the same cluster where Wired is installed. For more information, see Application logging with EFK.

Procedure
  1. If the Wired logging integration with Kibana is not enabled, enable it by completing the following substeps:
    1. Edit the Wired CR by running this command:
      oc edit cp4nawired cp4nawired-default -n <namespace>
    2. Set the mcnpEnableKibanaLogging attribute to true.
    3. Set the mcnpKibanaLoggingEndpoint attribute to the URL of the Kibana application. For more information about how to retrieve this URL, see steps 1-7 of Updating the Kibana URL for the Nimrod UI.
    4. Set the mcnpKibanaLoggingIndex attribute to the index pattern that you want to use to retrieve Wired logs in Kibana, for example, wired-logs.
    5. Save your changes.
    6. Get the names of the Wired pods, that is, the mcnp pods, by running this command:
      oc get pods -n <namespace> | grep -i mcnp
    7. Restart the mcnp pods by running this command for each pod:
      oc delete pod -n <namespace> <mcnp_pod_name>

      <mcnp_pod_name> is the name of the mcnp pod.

      The pods restart automatically.

  2. Retrieve your Kibana login credentials.
    • Retrieve your Kibana username by running this command:
      oc -n <cp4na_namespace> get secret platform-auth-idp-credentials -o jsonpath='{.data.admin_username}' | base64 --decode
    • Retrieve your Kibana password by running this command:
      oc -n <cp4na_namespace> get secret platform-auth-idp-credentials -o jsonpath='{.data.admin_password}' | base64 --decode

      <cp4na_namespace> is the namespace where IBM Cloud Pak for Network Automation is installed.

  3. Connect to the Kibana UI.
    1. Copy the URL that you configured in the mcnpKibanaLoggingEndpoint CR attribute to a browser window.
    2. Enter the login credentials that you retrieved in step 2.
  4. In the Kibana dashboard, view the Wired logs by setting the default index pattern to the value that you configured in the mcnpKibanaLoggingIndex CR attribute, for example, wired-logs.