From 76e3f30cff27fa365bc327028fc04231d50aa6a7 Mon Sep 17 00:00:00 2001 From: Andrew Walker Date: Wed, 7 Aug 2024 14:03:11 -0700 Subject: [PATCH] Omit SMB audit results from audit.query output by default This is an optimization to improve memory consumption by default queries used by the webui. Initially we included SMB audit results by default with the expectation that user would specify the exact audited service they wanted to query. Since SMB audit logs can span upwards to hundreds of thousands of entries in some extreme cases we need to ensure that UI / API consumers use optimized SQL queryfilters with appropriate pagination. --- src/middlewared/middlewared/plugins/audit/audit.py | 2 +- src/middlewared/middlewared/plugins/audit/utils.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/middlewared/middlewared/plugins/audit/audit.py b/src/middlewared/middlewared/plugins/audit/audit.py index 463e84cd3dc69..3a04493f4d5e2 100644 --- a/src/middlewared/middlewared/plugins/audit/audit.py +++ b/src/middlewared/middlewared/plugins/audit/audit.py @@ -129,7 +129,7 @@ async def compress(self, data): @accepts(Dict( 'audit_query', - List('services', items=[Str('db_name', enum=ALL_AUDITED)], default=ALL_AUDITED), + List('services', items=[Str('db_name', enum=ALL_AUDITED)], default=['MIDDLEWARE', 'SUDO']), Ref('query-filters'), Ref('query-options'), register=True diff --git a/src/middlewared/middlewared/plugins/audit/utils.py b/src/middlewared/middlewared/plugins/audit/utils.py index 8ecfccff94580..7c6ebd4ff6fbe 100644 --- a/src/middlewared/middlewared/plugins/audit/utils.py +++ b/src/middlewared/middlewared/plugins/audit/utils.py @@ -122,7 +122,7 @@ def parse_query_filters( match f[1]: case '=' | 'in': - services_to_check = services_to_check & svcs + services_to_check = svcs case '!=' | 'nin': services_to_check = services_to_check - svcs case _: