journal log of boot requests?
jrey at linux.ibm.com
Wed Jul 31 08:34:47 AEST 2019
> +1. Detailed journal logs help in a big way to debug issues.
Auditing or Accounting capability is a typical security requirement, for
example, as in https://en.wikipedia.org/wiki/RADIUS. A BMC would
probably want to log the following:
- Requests to modify the server state.
- Requests to modify the BMC state.
- Access attempts (example: new Redfish sessions) to the BMC, with the
result (was access granted?).
> On Thursday 25 July 2019 09:01 PM, Andrew Geissler wrote:
>> I intermittently deal with issues where someone comes to me and says the
>> "BMC is randomly rebooting my server". I then get to peel through the
>> and look for things like this:
>> Thu Jun 27 10:45:59 2019 witherspoon phosphor-host-state-manager: Host
>> State transaction request
>> Thu Jun 27 10:45:59 2019 witherspoon netipmid: Transition request
>> initiated successfully
>> And point out to the person that it appears an out of band IPMI command
>> actually requested the state change.
>> Certain paths like a external REST/Redfish commands or I think an
>> inband host
>> initiated reboot will only provide the phosphor-host-state-manager
>> entry which
>> makes it even more complicated to debug the "who did it" aspect.
>> You can dig into the details of the journal entry and get the request
>> I think it would be nice to have a little more detail in the journal
>> from the
>> server side application that gets the request.
>> I was thinking of adding a more detailed journal log in ipmi and
>> bmcweb when
>> these requests come in. I know we don't want to clog up the journal
>> but state
>> changes to the server are a big deal IMHO and should be fairly rare.
More information about the openbmc