Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-14143

Add request-logging to securing solr page

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 8.5
    • Component/s: None
    • Labels:
      None

      Description

      This functionality was cleaned up in SOLR-14138 and for a major release I've proposed to turn it on by default in SOLR-14142.

      But for now, I think the "securing solr" page should instruct how to turn this on. Hopefully if we fix the default in SOLR-14142, this paragraph can simply go away (I think it is expert to not want to log such a basic thing).

      There is some overlap with "audit logging", but for sure the request log is always more complete, since it logs things that never even make it to solr (as well as 4xx denied by solr itself, of course). You can see the differenes by running a simple nmap script scan of your solr instance or similar.

        Attachments

        1. SOLR-14143.patch
          1 kB
          Robert Muir

          Activity

            People

            • Assignee:
              rcmuir Robert Muir
              Reporter:
              rcmuir Robert Muir
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: