Issues With Audit Log
-
Hello,
I'm a long time user of Xen Orchestra and have made great use of these forums as a resource in the past currently using the from the sources version of orchestra on commit: 8f6c0 I've noticed the audit log plugin is now reporting thousands of API calls when a user is logged in for: host.isPubKeyTooShort
I noticed this was part of the work to get ready for XCP-NG 8.3 and I've already updated the pubkey on my hosts but this is still getting spammed in the logs and is drowning out any actual use they would have to effectively audit user activity which is frustrating as they used to work fine.
Any help in turning this off or looking at chaning how this is logged would be appreciated.
-
-
Ping @julien-f
-
@AlexQuorum Does
openssl x509 -noout -text -in /etc/xensource/xapi-ssl.pem | grep bitshow 2048 or more and did you remember to do a
systemctl restart xapiafter you replaced the cert?
-
@peder Hi Peder,
Yes it returns 2048 and I also ran the reset XAPI command (the hosts have been physically rebooted since I did it as well).
The little error icon warning about having a short pubkey is also gone since I updated the certificates.
-
-
@julien-f Thank you very much I've updated to the latest commit and can confirm the behaviour has stopped, the prompt fix is much appreciated.
-
O olivierlambert marked this topic as a question on
-
O olivierlambert has marked this topic as solved on
-
Just started getting the same message in audit log. Not sure if it due to powering down a host in the pool that isnt being used now. but it started about a day ago.
Xen Orchestra, commit 749f0
Master, commit 749f0Going to power up the host again to see if it goes away.
id "0m7hqrlcn" properties method "host.isPubKeyTooShort" params id "d695a6a2-0891-4a7b-8c49-fff9b6c11b24" name "API call: host.isPubKeyTooShort" userId "66e90d92-d66e-4971-bee8-922ac8a811b7" type "api.call" start 1740321968855 status "failure" updatedAt 1740321968858 end 1740321968858 result code "HOST_OFFLINE" params 0 "OpaqueRef:17232738-9715-fb5d-caf8-c3eea6d92b45" call duration 3 method "host.get_server_certificate" params 0 "* session id *" 1 "OpaqueRef:17232738-9715-fb5d-caf8-c3eea6d92b45" message "HOST_OFFLINE(OpaqueRef:17232738-9715-fb5d-caf8-c3eea6d92b45)" name "XapiError" stack "XapiError: HOST_OFFLINE(OpaqueRef:17232738-9715-fb5d-caf8-c3eea6d92b45)\n at Function.wrap (file:///opt/xo/xo-builds/xen-orchestra-202502212211/packages/xen-api/_XapiError.mjs:16:12)\n at file:///opt/xo/xo-builds/xen-orchestra-202502212211/packages/xen-api/transports/json-rpc.mjs:38:21\n at runNextTicks (node:internal/process/task_queues:60:5)\n at processImmediate (node:internal/timers:454:9)\n at process.callbackTrampoline (node:internal/async_hooks:130:17) -
bringing up the host and restarting the tools on master seem to stop the excessive logging.
EDIT: Bringing down host 3 triggers the alerts again
EDIT2: Looks like it may be due to how i shutdown the host. First time I put it into maintenance mode, then did the halt command. That caused the messages to come up.
Second time I just did halt and that caused the messages to come up.
Third time, i hit disable first then halt. So far seems the messages are no longer coming up.I guess i should RTM more lol.
