gitea-mirror/Pulse
1
0
Fork 0
mirror of https://github.com/rcourtman/Pulse.git synced 2026-02-18 00:17:39 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3e2824a7ff8d27f6ba2fbbc70dccd19aefba06ae
Pulse/docs/operations/AUDIT_LOG_ROTATION.md
rcourtman 2b48b0a459 feat: add --kube-include-all-deployments flag for Kubernetes agent 
Adds IncludeAllDeployments option to show all deployments, not just
problem ones (where replicas don't match desired). This provides parity
with the existing --kube-include-all-pods flag.

- Add IncludeAllDeployments to kubernetesagent.Config
- Add --kube-include-all-deployments flag and PULSE_KUBE_INCLUDE_ALL_DEPLOYMENTS env var
- Update collectDeployments to respect the new flag
- Add test for IncludeAllDeployments functionality
- Update UNIFIED_AGENT.md documentation

Addresses feedback from PR #855
2025-12-18 20:58:30 +00:00

55 lines
1.6 KiB
Markdown
Raw Blame History

# 🔄 Sensor Proxy Audit Log Rotation
> **Deprecated in v5:** `pulse-sensor-proxy` is deprecated and not recommended for new deployments.
> This document is retained for existing installations during the migration window.
The proxy writes append-only, hash-chained logs to `/var/log/pulse/sensor-proxy/audit.log`.
## ⚠️ Important
* **Do not delete**: The file is protected with `chattr +a`.
* **Rotate when**: >200MB or >30 days.
## 🛠️ Manual Rotation
Run as root:
```bash
# 1. Unlock file
chattr -a /var/log/pulse/sensor-proxy/audit.log
# 2. Rotate (copy & truncate)
cp -a /var/log/pulse/sensor-proxy/audit.log /var/log/pulse/sensor-proxy/audit.log.$(date +%Y%m%d)
: > /var/log/pulse/sensor-proxy/audit.log
# 3. Relock & Restart
chown pulse-sensor-proxy:pulse-sensor-proxy /var/log/pulse/sensor-proxy/audit.log
chmod 0640 /var/log/pulse/sensor-proxy/audit.log
chattr +a /var/log/pulse/sensor-proxy/audit.log
systemctl restart pulse-sensor-proxy
```
## 🤖 Logrotate Config
Create `/etc/logrotate.d/pulse-sensor-proxy`:
```conf
/var/log/pulse/sensor-proxy/audit.log {
weekly
rotate 8
compress
missingok
notifempty
create 0640 pulse-sensor-proxy pulse-sensor-proxy
sharedscripts
prerotate
/usr/bin/chattr -a /var/log/pulse/sensor-proxy/audit.log || true
endscript
postrotate
/bin/systemctl restart pulse-sensor-proxy.service || true
/usr/bin/chattr +a /var/log/pulse/sensor-proxy/audit.log || true
endscript
}
```
**Note**: Do NOT use `copytruncate`. The restart is required to reset the hash chain.
Reference in New Issue View Git Blame Copy Permalink