Add KUBE_REQUEST event and improve existing k8s events (#190)

* Add KUBE_REQUEST event and improve existing k8s events * Propagate the cluster name and make EXEC event special-case k8s sessions. Co-authored-by: Alexey Kontsevoy <[email protected]>
gravitational · Nov 12, 2020 · 161d678 · 161d678
1 parent b775d4a
commit 161d678
Show file tree

Hide file tree

Showing 5 changed files with 138 additions and 661 deletions.
diff --git a/web/packages/teleport/src/Audit/EventList/EventTypeCell.tsx b/web/packages/teleport/src/Audit/EventList/EventTypeCell.tsx
@@ -66,40 +66,7 @@ const EventIconMap = {
   [CodeEnum.USER_LOCAL_LOGINFAILURE]: Icons.Info,
   [CodeEnum.USER_SSO_LOGIN]: Icons.Info,
   [CodeEnum.USER_SSO_LOGINFAILURE]: Icons.Info,
-  [CodeEnum.G_ALERT_CREATED]: Icons.NotificationsActive,
-  [CodeEnum.G_ALERT_DELETED]: Icons.NotificationsActive,
-  [CodeEnum.G_APPLICATION_INSTALL]: Icons.AppInstalled,
-  [CodeEnum.G_APPLICATION_ROLLBACK]: Icons.AppRollback,
-  [CodeEnum.G_APPLICATION_UNINSTALL]: Icons.PhonelinkErase,
-  [CodeEnum.G_APPLICATION_UPGRADE]: Icons.PhonelinkSetup,
-  [CodeEnum.G_AUTHGATEWAY_UPDATED]: Icons.Config,
-  [CodeEnum.G_LICENSE_EXPIRED]: Icons.NoteAdded,
-  [CodeEnum.G_LICENSE_UPDATED]: Icons.NoteAdded,
-  [CodeEnum.G_LOGFORWARDER_CREATED]: Icons.ForwarderAdded,
-  [CodeEnum.G_LOGFORWARDER_DELETED]: Icons.ForwarderAdded,
-  [CodeEnum.G_OPERATION_ENV_COMPLETE]: Icons.Memory,
-  [CodeEnum.G_OPERATION_ENV_FAILURE]: Icons.Memory,
-  [CodeEnum.G_OPERATION_ENV_START]: Icons.NoteAdded,
-  [CodeEnum.G_OPERATION_EXPAND_COMPLETE]: Icons.SettingsOverscan,
-  [CodeEnum.G_OPERATION_EXPAND_START]: Icons.SettingsOverscan,
-  [CodeEnum.G_OPERATION_INSTALL_COMPLETE]: Icons.Unarchive,
-  [CodeEnum.G_OPERATION_INSTALL_FAILURE]: Icons.Unarchive,
-  [CodeEnum.G_OPERATION_INSTALL_START]: Icons.Unarchive,
-  [CodeEnum.G_OPERATION_SHRINK_COMPLETE]: Icons.Shrink,
-  [CodeEnum.G_OPERATION_SHRINK_FAILURE]: Icons.Shrink,
-  [CodeEnum.G_OPERATION_SHRINK_START]: Icons.Shrink,
-  [CodeEnum.G_REMOTE_SUPPORT_DISABLED]: Icons.LanAlt,
-  [CodeEnum.G_REMOTE_SUPPORT_ENABLED]: Icons.LanAlt,
-  [CodeEnum.G_SMTPCONFIG_CREATED]: Icons.EmailSolid,
-  [CodeEnum.G_SMTPCONFIG_DELETED]: Icons.EmailSolid,
-  [CodeEnum.G_TLSKEYPAIR_CREATED]: Icons.Keypair,
-  [CodeEnum.G_TLSKEYPAIR_DELETED]: Icons.Keypair,
-  [CodeEnum.G_TOKEN_CREATED]: Icons.Stars,
-  [CodeEnum.G_TOKEN_DELETED]: Icons.Stars,
-  [CodeEnum.G_UPDATES_DISABLED]: Icons.Restore,
-  [CodeEnum.G_UPDATES_DOWNLOADED]: Icons.Restore,
-  [CodeEnum.G_UPDATES_ENABLED]: Icons.Restore,
-  [CodeEnum.G_USER_INVITE_CREATED]: Icons.Info,
+  [CodeEnum.KUBE_REQUEST]: Icons.Kubernetes,
 };
 
 export default function TypeCell(props) {

diff --git a/web/packages/teleport/src/Audit/__snapshots__/Audit.story.test.tsx.snap b/web/packages/teleport/src/Audit/__snapshots__/Audit.story.test.tsx.snap
@@ -447,12 +447,12 @@ exports[`loaded 1`] = `
         </strong>
          - 
         <strong>
-          34
+          36
         </strong>
          
         of 
         <strong>
-          34
+          36
         </strong>
       </div>
       <div
@@ -510,6 +510,76 @@ exports[`loaded 1`] = `
         </tr>
       </thead>
       <tbody>
+        <tr>
+          <td>
+            <div
+              class="c14"
+            >
+              <span
+                class="c4 c15 icon icon-kubernetes c4 c15"
+                color="light"
+                font-size="3"
+              />
+              Kubernetes Request
+            </div>
+          </td>
+          <td
+            style="word-break: break-word;"
+          >
+            User [alex] made a request to kubernetes cluster [clusterOne]
+          </td>
+          <td
+            style="min-width: 120px;"
+          >
+            2020-10-30 17:28:14
+          </td>
+          <td
+            align="right"
+          >
+            <button
+              class="c16"
+              kind="border"
+              width="87px"
+            >
+              Details
+            </button>
+          </td>
+        </tr>
+        <tr>
+          <td>
+            <div
+              class="c14"
+            >
+              <span
+                class="c4 c15 icon icon-terminal c4 c15"
+                color="light"
+                font-size="3"
+              />
+              Command Execution
+            </div>
+          </td>
+          <td
+            style="word-break: break-word;"
+          >
+            User [alex] executed a command on kubernetes cluster [clusterOne]
+          </td>
+          <td
+            style="min-width: 120px;"
+          >
+            2020-10-30 17:28:14
+          </td>
+          <td
+            align="right"
+          >
+            <button
+              class="c16"
+              kind="border"
+              width="87px"
+            >
+              Details
+            </button>
+          </td>
+        </tr>
         <tr>
           <td>
             <div

diff --git a/web/packages/teleport/src/Audit/fixtures/index.ts b/web/packages/teleport/src/Audit/fixtures/index.ts
@@ -418,4 +418,31 @@ export const events = [
     uid: '8ea5be3d-07b1-4308-8e0d-2d2ec57cbb20',
     user: '',
   },
+  {
+    code: 'T3002I',
+    proto: 'kube',
+    kubernetes_cluster: 'clusterOne',
+    ei: 0,
+    'addr.local': '172.31.28.130:3022',
+    'addr.remote': '151.181.228.114:51752',
+    event: 'exec',
+    namespace: 'default',
+    sid: '8d57a9d5-3848-5ce2-a326-85eb4a6d2eed',
+    time: '2020-10-30T17:28:14.705Z',
+    uid: '8ea5be3d-07b1-4308-8e0d-2d2ec57cbb20',
+    user: 'alex',
+  },
+  {
+    code: 'T3009I',
+    kubernetes_cluster: 'clusterOne',
+    ei: 0,
+    'addr.local': '172.31.28.130:3022',
+    'addr.remote': '151.181.228.114:51752',
+    event: 'exec',
+    namespace: 'default',
+    sid: '8d57a9d5-3848-5ce2-a326-85eb4a6d2eed',
+    time: '2020-10-30T17:28:14.705Z',
+    uid: '8ea5be3d-07b1-4308-8e0d-2d2ec57cbb20',
+    user: 'alex',
+  },
 ].map(makeEvent);