.. _elk-operator: ELK service =========== Software Factory bundles an ELK stack based on `Opensearch`_ to ease searching through the logs artifacts of jobs. Once activated, the console log of every build is pulled by logscraper tool, that later is processed by logsender (log-processing role) and pushed into the Opensearch and then searchable via Opensearch Dashboards. A Software Factory user might want to export more artifacts than those files should be defined in logscraper download configuration file. .. _`Opensearch`: https://www.opensearch.org/ How to activate --------------- These services are not deployed by default but can be activated by adding the following components in */etc/software-factory/arch.yaml*: .. code-block:: yaml - opensearch - log-processing - opensearch-dashboards Then running: .. code-block:: bash # sfconfig The Opensearch Dashboards interface should be accessible via the Software Factory top menu under the name Opensearch Dashboards. Manual actions after installing Software Factory ------------------------------------------------ After the installation of Software Factory, or the activation of ELK, you must connect to Opensearch Dashboards as the `admin` user and go to the section "Discover" in Opensearch Dashboards menu to ensure that Opensearch Dashboards has created the index pattern. .. note:: After the first CI job execution, The job console logs are sent to Opensearch. Managing internal users ----------------------- There are few users created in Opensearch in Software Factory. The full list of available users can be seen :ref:`here <Available users>` Users information are stored in `internal_users.yml` file which is located in `opendistro_security config directory`: .. code-block:: none /usr/share/elasticsearch/plugins/opendistro_security/securityconfig/ For each user, password has been generated by sfconfig tool. Not encrypted passwords are stored in: .. code-block:: none /var/lib/software-factory/bootstrap-data/secrets.yaml More information about the file, you can find `here`_. .. _`here`: https://opensearch.org/docs/2.4/security-plugin/configuration/yaml/#internal_usersyml .. _Available users: Available users --------------- There are few users created in Software Factory for Opensearch: - admin - the superuser in Opensearch Dashboards. It has all permissions to manage the Opensearch Dashboards and Opensearch cluster - kibanaserver - this user is used by Opensearch Dashboards service to connect to the Opensearch - logstash - dedicated user to communicate logsender service to the Opensearch - kibana - a read-only user. This user shows on the login page For each user, password has been generated by sfconfig tool. You can find them in: .. code-block:: none /var/lib/software-factory/bootstrap-data/secrets.yaml .. note:: You can also reset a user password with admin user. Tenants ------- Software Factory is only configuring one tenant: `global`. Multi-tenancy is disabled (check Opensearch Dashboards configuration file).