Page MenuHomePhabricator

Improve LDAP logging
Open, MediumPublic


During the Security/Logging meeting on 01/22/2019 (notes captured in a request was made to review and improve the logging and auditing capabilities of the LDAP directory servers used by WMF infrastructure. This is a parent task to review possible solutions and track progress.

A first stab at the steps involved are:

  • Describe events that should be logged
  • Review possible changes to the directory servers to generate needed audit logs
  • Ensure that the logs are written and shipped in a durable way, such that they can be replied on when needed in the future
  • Define retention period for this log type
  • Parse logs to generate actionable alerts where appropriate