Add events for JWT session for create/refresh/exchange. Fixes #2119

CHANGELOG.md

@@ -6,6 +6,17 @@
 
 ## Component Updates and Bug Fixes
 
+* github.com/openziti/edge-api: [v0.26.30 -> v0.26.31](https://github.com/openziti/edge-api/compare/v0.26.30...v0.26.31)
+* github.com/openziti/jwks: [v1.0.5 -> v1.0.6](https://github.com/openziti/jwks/compare/v1.0.5...v1.0.6)
+* github.com/openziti/ziti: [v1.1.13 -> v1.1.14](https://github.com/openziti/ziti/compare/v1.1.13...v1.1.14)
+    * [Issue #2119](https://github.com/openziti/ziti/issues/2119) - Add authentication events
+    * [Issue #2424](https://github.com/openziti/ziti/issues/2424) - Enabling any health check causes WARNING to be logged
+    * [Issue #2454](https://github.com/openziti/ziti/issues/2454) - Fix release archive
+    * [Issue #1479](https://github.com/openziti/ziti/issues/1479) - ziti edge list ... show paginated output but no suggestions on how to go to next page
+    * [Issue #1420](https://github.com/openziti/ziti/issues/1420) - ziti-cli comma+space causes unhelpful error
+    * [Issue #2207](https://github.com/openziti/ziti/issues/2207) - ziti edge login --token -- gets "username and password fields are required"
+    * [Issue #2444](https://github.com/openziti/ziti/issues/2444) - Change default semantic for policies created from the CLI from AllOf to AnyOf
+
 * github.com/openziti/xweb/v2: [v2.1.2 -> v2.1.3](https://github.com/openziti/xweb/compare/v2.1.2...v2.1.3)
   * [Issue #2454](https://github.com/openziti/ziti/issues/2454) - Fix release archive
   * [Issue #2429](https://github.com/openziti/ziti/issues/2429) - Controller configurations without default Edge API binding panics 

controller/env/appenv.go

@@ -258,6 +258,10 @@ func (ae *AppEnv) GetManagers() *model.Managers {
 	return ae.Managers
 }
 
+func (ae *AppEnv) GetEventDispatcher() event.Dispatcher {
+	return ae.HostController.GetEventDispatcher()
+}
+
 func (ae *AppEnv) GetConfig() *config.Config {
 	return ae.HostController.GetConfig()
 }

controller/event/api_session.go

@@ -23,12 +23,18 @@ import (
 
 const ApiSessionEventTypeCreated = "created"
 const ApiSessionEventTypeDeleted = "deleted"
+const ApiSessionEventTypeRefreshed = "refreshed"
+const ApiSessionEventTypeExchanged = "exchanged"
 const ApiSessionEventNS = "edge.apiSessions"
 
+const ApiSessionTypeLegacy = "legacy"
+const ApiSessionTypeJwt = "jwt"
+
 type ApiSessionEvent struct {
 	Namespace  string    `json:"namespace"`
 	EventType  string    `json:"event_type"`
 	Id         string    `json:"id"`
+	Type       string    `json:"type"`
 	Timestamp  time.Time `json:"timestamp"`
 	Token      string    `json:"token"`
 	IdentityId string    `json:"identity_id"`

controller/event/dispatcher.go

@@ -124,6 +124,7 @@ type Dispatcher interface {
 	AddEntityCountEventHandler(handler EntityCountEventHandler, interval time.Duration, onlyLeaderEvents bool)
 	RemoveEntityCountEventHandler(handler EntityCountEventHandler)
 
+	ApiSessionEventHandler
 	CircuitEventHandler
 	EntityChangeEventHandler
 	LinkEventHandler

controller/event/dispatcher_mock.go

@@ -27,6 +27,8 @@ var _ Dispatcher = DispatcherMock{}
 
 type DispatcherMock struct{}
 
+func (d DispatcherMock) AcceptApiSessionEvent(event *ApiSessionEvent) {}
+
 func (d DispatcherMock) AddApiSessionEventHandler(handler ApiSessionEventHandler) {}
 
 func (d DispatcherMock) RemoveApiSessionEventHandler(handler ApiSessionEventHandler) {}

controller/events/dispatcher_api_session.go

@@ -48,36 +48,40 @@ func (self *Dispatcher) initApiSessionEvents(stores *db.Stores) {
 	stores.ApiSession.AddEntityEventListenerF(self.apiSessionDeleted, boltz.EntityDeleted)
 }
 
+func (self *Dispatcher) AcceptApiSessionEvent(evt *event.ApiSessionEvent) {
+	for _, handler := range self.apiSessionEventHandlers.Value() {
+		go handler.AcceptApiSessionEvent(evt)
+	}
+}
+
 func (self *Dispatcher) apiSessionCreated(apiSession *db.ApiSession) {
-	event := &event.ApiSessionEvent{
+	evt := &event.ApiSessionEvent{
 		Namespace:  event.ApiSessionEventNS,
 		EventType:  event.ApiSessionEventTypeCreated,
 		Id:         apiSession.Id,
+		Type:       event.ApiSessionTypeLegacy,
 		Timestamp:  time.Now(),
 		Token:      apiSession.Token,
 		IdentityId: apiSession.IdentityId,
 		IpAddress:  apiSession.IPAddress,
 	}
 
-	for _, handler := range self.apiSessionEventHandlers.Value() {
-		go handler.AcceptApiSessionEvent(event)
-	}
+	self.AcceptApiSessionEvent(evt)
 }
 
 func (self *Dispatcher) apiSessionDeleted(apiSession *db.ApiSession) {
-	event := &event.ApiSessionEvent{
+	evt := &event.ApiSessionEvent{
 		Namespace:  event.ApiSessionEventNS,
 		EventType:  event.ApiSessionEventTypeDeleted,
 		Id:         apiSession.Id,
+		Type:       event.ApiSessionTypeLegacy,
 		Timestamp:  time.Now(),
 		Token:      apiSession.Token,
 		IdentityId: apiSession.IdentityId,
 		IpAddress:  apiSession.IPAddress,
 	}
 
-	for _, handler := range self.apiSessionEventHandlers.Value() {
-		go handler.AcceptApiSessionEvent(event)
-	}
+	self.AcceptApiSessionEvent(evt)
 }
 
 func (self *Dispatcher) registerApiSessionEventHandler(val interface{}, config map[string]interface{}) error {

controller/model/env.go

@@ -34,6 +34,7 @@ import (
 type Env interface {
 	GetCommandDispatcher() command.Dispatcher
 	GetManagers() *Managers
+	GetEventDispatcher() event.Dispatcher
 	GetConfig() *config.Config
 	GetDb() boltz.Db
 	GetStores() *db.Stores

controller/model/testing.go

@@ -51,6 +51,10 @@ type TestContext struct {
 	dispatcher      command.Dispatcher
 }
 
+func (ctx *TestContext) GetEventDispatcher() event.Dispatcher {
+	panic("implement me")
+}
+
 func (self *TestContext) GetCloseNotifyChannel() <-chan struct{} {
 	return self.closeNotify
 }

controller/oidc_auth/storage.go

@@ -8,6 +8,7 @@ import (
 	"errors"
 	"fmt"
 	"github.com/openziti/foundation/v2/errorz"
+	"github.com/openziti/ziti/controller/event"
 	"gopkg.in/go-jose/go-jose.v2"
 	"net/http"
 	"strings"
@@ -393,7 +394,7 @@ func (s *HybridStorage) DeleteAuthRequest(_ context.Context, id string) error {
 
 // CreateAccessToken implements the op.Storage interface
 func (s *HybridStorage) CreateAccessToken(ctx context.Context, request op.TokenRequest) (string, time.Time, error) {
-	accessTokenId, accessClaims, err := s.createAccessToken(request)
+	accessTokenId, accessClaims, err := s.createAccessToken(ctx, request)
 
 	if err != nil {
 		return "", time.Time{}, err
@@ -411,7 +412,7 @@ func (s *HybridStorage) CreateAccessToken(ctx context.Context, request op.TokenR
 }
 
 // createAccessToken converts an op.TokenRequest into an access token
-func (s *HybridStorage) createAccessToken(request op.TokenRequest) (string, *common.AccessClaims, error) {
+func (s *HybridStorage) createAccessToken(ctx context.Context, request op.TokenRequest) (string, *common.AccessClaims, error) {
 	now := time.Now()
 
 	claims := &common.AccessClaims{
@@ -430,8 +431,11 @@ func (s *HybridStorage) createAccessToken(request op.TokenRequest) (string, *com
 		CustomClaims: common.CustomClaims{},
 	}
 
+	var eventType = "unhandled"
+
 	switch req := request.(type) {
 	case *AuthRequest:
+		eventType = event.ApiSessionEventTypeCreated
 		claims.CustomClaims.ApiSessionId = req.ApiSessionId
 		claims.CustomClaims.ApplicationId = req.ClientID
 		claims.CustomClaims.ConfigTypes = req.ConfigTypes
@@ -445,11 +449,13 @@ func (s *HybridStorage) createAccessToken(request op.TokenRequest) (string, *com
 		claims.AccessTokenClaims.AuthenticationMethodsReferences = req.GetAMR()
 		claims.ClientID = req.ClientID
 	case *RefreshTokenRequest:
+		eventType = event.ApiSessionEventTypeRefreshed
 		claims.CustomClaims = req.CustomClaims
 		claims.AuthTime = req.AuthTime
 		claims.AccessTokenClaims.AuthenticationMethodsReferences = req.GetAMR()
 		claims.ClientID = req.ClientID
 	case op.TokenExchangeRequest:
+		eventType = event.ApiSessionEventTypeExchanged
 		mapClaims := req.GetExchangeSubjectTokenClaims()
 		subjectClaims := &common.AccessClaims{}
 		if mapClaims != nil {
@@ -501,12 +507,28 @@ func (s *HybridStorage) createAccessToken(request op.TokenRequest) (string, *com
 	claims.CustomClaims.IsAdmin = identity.IsAdmin
 	claims.CustomClaims.ExternalId = stringz.OrEmpty(identity.ExternalId)
 
+	ipAddr := ""
+	if httpRequest, _ := HttpRequestFromContext(ctx); httpRequest != nil {
+		ipAddr = httpRequest.RemoteAddr
+	}
+
+	evt := &event.ApiSessionEvent{
+		Namespace:  event.ApiSessionEventNS,
+		EventType:  eventType,
+		Id:         claims.ApiSessionId,
+		Type:       event.ApiSessionTypeJwt,
+		Timestamp:  time.Now(),
+		IdentityId: identity.Id,
+		IpAddress:  ipAddr,
+	}
+	s.env.GetEventDispatcher().AcceptApiSessionEvent(evt)
+
 	return claims.JWTID, claims, nil
 }
 
 // CreateAccessAndRefreshTokens implements the op.Storage interface
 func (s *HybridStorage) CreateAccessAndRefreshTokens(ctx context.Context, request op.TokenRequest, currentRefreshToken string) (accessTokenID string, newRefreshToken string, expiration time.Time, err error) {
-	accessTokenId, accessClaims, err := s.createAccessToken(request)
+	accessTokenId, accessClaims, err := s.createAccessToken(ctx, request)
 
 	if err != nil {
 		return "", "", time.Time{}, err

zititest/go.mod

@@ -12,7 +12,7 @@ require (
 	github.com/michaelquigley/pfxlog v0.6.10
 	github.com/openziti/agent v1.0.18
 	github.com/openziti/channel/v3 v3.0.3
-	github.com/openziti/edge-api v0.26.30
+	github.com/openziti/edge-api v0.26.31
 	github.com/openziti/fablab v0.5.60
 	github.com/openziti/foundation/v2 v2.0.49
 	github.com/openziti/identity v1.0.85
@@ -80,7 +80,7 @@ require (
 	github.com/go-openapi/strfmt v0.23.0 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
 	github.com/go-openapi/validate v0.24.0 // indirect
-	github.com/go-resty/resty/v2 v2.15.0 // indirect
+	github.com/go-resty/resty/v2 v2.15.3 // indirect
 	github.com/golang-jwt/jwt/v5 v5.2.1 // indirect
 	github.com/golang/protobuf v1.5.4 // indirect
 	github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386 // indirect
@@ -141,7 +141,7 @@ require (
 	github.com/openziti-incubator/cf v0.0.3 // indirect
 	github.com/openziti/cobra-to-md v1.0.1 // indirect
 	github.com/openziti/dilithium v0.3.5 // indirect
-	github.com/openziti/jwks v1.0.5 // indirect
+	github.com/openziti/jwks v1.0.6 // indirect
 	github.com/openziti/metrics v1.2.58 // indirect
 	github.com/openziti/runzmd v1.0.51 // indirect
 	github.com/openziti/secretstream v0.1.24 // indirect
@@ -182,11 +182,11 @@ require (
 	github.com/xeipuuv/gojsonschema v1.2.0 // indirect
 	github.com/yusufpapurcu/wmi v1.2.4 // indirect
 	github.com/zitadel/oidc/v2 v2.12.2 // indirect
-	go.mongodb.org/mongo-driver v1.16.1 // indirect
+	go.mongodb.org/mongo-driver v1.17.0 // indirect
 	go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 // indirect
-	go.opentelemetry.io/otel v1.29.0 // indirect
-	go.opentelemetry.io/otel/metric v1.29.0 // indirect
-	go.opentelemetry.io/otel/trace v1.29.0 // indirect
+	go.opentelemetry.io/otel v1.30.0 // indirect
+	go.opentelemetry.io/otel/metric v1.30.0 // indirect
+	go.opentelemetry.io/otel/trace v1.30.0 // indirect
 	go.uber.org/atomic v1.9.0 // indirect
 	go.uber.org/multierr v1.9.0 // indirect
 	go4.org v0.0.0-20180809161055-417644f6feb5 // indirect

zititest/go.sum

@@ -245,8 +245,8 @@ github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+Gr
 github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ=
 github.com/go-openapi/validate v0.24.0 h1:LdfDKwNbpB6Vn40xhTdNZAnfLECL81w+VX3BumrGD58=
 github.com/go-openapi/validate v0.24.0/go.mod h1:iyeX1sEufmv3nPbBdX3ieNviWnOZaJ1+zquzJEf2BAQ=
-github.com/go-resty/resty/v2 v2.15.0 h1:clPQLZ2x9h4yGY81IzpMPnty+xoGyFaDg0XMkCsHf90=
-github.com/go-resty/resty/v2 v2.15.0/go.mod h1:0fHAoK7JoBy/Ch36N8VFeMsK7xQOHhvWaC3iOktwmIU=
+github.com/go-resty/resty/v2 v2.15.3 h1:bqff+hcqAflpiF591hhJzNdkRsFhlB96CYfBwSFvql8=
+github.com/go-resty/resty/v2 v2.15.3/go.mod h1:0fHAoK7JoBy/Ch36N8VFeMsK7xQOHhvWaC3iOktwmIU=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
@@ -598,16 +598,16 @@ github.com/openziti/cobra-to-md v1.0.1 h1:WRinNoIRmwWUSJm+pSNXMjOrtU48oxXDZgeCYQ
 github.com/openziti/cobra-to-md v1.0.1/go.mod h1:FjCpk/yzHF7/r28oSTNr5P57yN5VolpdAtS/g7KNi2c=
 github.com/openziti/dilithium v0.3.5 h1:+envGNzxc3OyVPiuvtxivQmCsOjdZjtOMLpQBeMz7eM=
 github.com/openziti/dilithium v0.3.5/go.mod h1:XONq1iK6te/WwNzkgZHfIDHordMPqb0hMwJ8bs9EfSk=
-github.com/openziti/edge-api v0.26.30 h1:Zeit+UJbMhL8aJkcHKsq7XyRX2b7p/hBWL3nzo60gS8=
-github.com/openziti/edge-api v0.26.30/go.mod h1:Ya4b6u+SmkqSU2HsWxahwhZ3g+aBqW8mzfm/OOSdCNM=
+github.com/openziti/edge-api v0.26.31 h1:9XljIuZNhoPbiIicQYuxNyL7erpowZce3aOg1CkoxSo=
+github.com/openziti/edge-api v0.26.31/go.mod h1:f5paewA+1G6JMZddYgXqA9Zp6BBXOJ1i4K42B+ET5ns=
 github.com/openziti/fablab v0.5.60 h1:RsqrEb3LV6asK5N97uZKyNSDhcNOeDcAuT4OAD/hY9Y=
 github.com/openziti/fablab v0.5.60/go.mod h1:B/ib+GOtozEIytv2aXSFl9+dL7AiGfbpGS/VjnNduU8=
 github.com/openziti/foundation/v2 v2.0.49 h1:aQ5I/lMhkHQ6urhRpLwrWP+7YtoeUitCfY/wub+nOqo=
 github.com/openziti/foundation/v2 v2.0.49/go.mod h1:tFk7wg5WE/nDDur5jSVQTROugKDXQkFvmqRSV4pvWp0=
 github.com/openziti/identity v1.0.85 h1:jphDHrUCXCJGdbVTMBqsdtS0Ei/vhDH337DMNMYzLro=
 github.com/openziti/identity v1.0.85/go.mod h1:beIXWNDImEjZn93XPOorJzyuQCQUYOvKFQ0fWhLN2qM=
-github.com/openziti/jwks v1.0.5 h1:JVoOeccqLEtKBc9GcyJODVZYVk50YwEaDTocm+KgKbI=
-github.com/openziti/jwks v1.0.5/go.mod h1:t4xxq8vlXGsPn29kiQVnZBBDDnEoOFqtJoHibkJunQQ=
+github.com/openziti/jwks v1.0.6 h1:PR+9OVaMO8oHEoVQmHqeUBExWwLWyODEGJQK2DXHaqE=
+github.com/openziti/jwks v1.0.6/go.mod h1:t4xxq8vlXGsPn29kiQVnZBBDDnEoOFqtJoHibkJunQQ=
 github.com/openziti/metrics v1.2.58 h1:AbHSTMKHP/o6r6fh7a08c486Y/5f5xjkZQbcyn3w1tM=
 github.com/openziti/metrics v1.2.58/go.mod h1:zGLMrLvVFOxo9tXUf8svcUsASxsPjhW9foW92FUzmDs=
 github.com/openziti/runzmd v1.0.51 h1:Vz+2nfF9AyKQGyKwBUnpL2DH/4cL+3rOuLWj8lkNDBc=
@@ -838,8 +838,8 @@ go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I=
 go.etcd.io/etcd/api/v3 v3.5.0/go.mod h1:cbVKeC6lCfl7j/8jBhAK6aIYO9XOjdptoxU/nLQcPvs=
 go.etcd.io/etcd/client/pkg/v3 v3.5.0/go.mod h1:IJHfcCEKxYu1Os13ZdwCwIUTUVGYTSAM3YSwc9/Ac1g=
 go.etcd.io/etcd/client/v2 v2.305.0/go.mod h1:h9puh54ZTgAKtEbut2oe9P4L/oqKCVB6xsXlzd7alYQ=
-go.mongodb.org/mongo-driver v1.16.1 h1:rIVLL3q0IHM39dvE+z2ulZLp9ENZKThVfuvN/IiN4l8=
-go.mongodb.org/mongo-driver v1.16.1/go.mod h1:oB6AhJQvFQL4LEHyXi6aJzQJtBiTQHiAd83l0GdFaiw=
+go.mongodb.org/mongo-driver v1.17.0 h1:Hp4q2MCjvY19ViwimTs00wHi7G4yzxh4/2+nTx8r40k=
+go.mongodb.org/mongo-driver v1.17.0/go.mod h1:wwWm/+BuOddhcq3n68LKRmgk2wXzmF6s0SFOa0GINL4=
 go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 h1:CCriYyAfq1Br1aIYettdHZTy8mBTIPo7We18TuO/bak=
 go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352/go.mod h1:SNgMg+EgDFwmvSmLRTNKC5fegJjB7v23qTQ0XLGUNHk=
 go.opencensus.io v0.18.0/go.mod h1:vKdFvxhtzZ9onBp9VKHK8z/sRpBMnKAsufL7wlDrCOA=
@@ -850,14 +850,14 @@ go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.opencensus.io v0.22.4/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
 go.opencensus.io v0.22.5/go.mod h1:5pWMHQbX5EPX2/62yrJeAkowc+lfs/XD7Uxpq3pI6kk=
 go.opencensus.io v0.23.0/go.mod h1:XItmlyltB5F7CS4xOC1DcqMoFqwtC6OG2xF7mCv7P7E=
-go.opentelemetry.io/otel v1.29.0 h1:PdomN/Al4q/lN6iBJEN3AwPvUiHPMlt93c8bqTG5Llw=
-go.opentelemetry.io/otel v1.29.0/go.mod h1:N/WtXPs1CNCUEx+Agz5uouwCba+i+bJGFicT8SR4NP8=
-go.opentelemetry.io/otel/metric v1.29.0 h1:vPf/HFWTNkPu1aYeIsc98l4ktOQaL6LeSoeV2g+8YLc=
-go.opentelemetry.io/otel/metric v1.29.0/go.mod h1:auu/QWieFVWx+DmQOUMgj0F8LHWdgalxXqvp7BII/W8=
+go.opentelemetry.io/otel v1.30.0 h1:F2t8sK4qf1fAmY9ua4ohFS/K+FUuOPemHUIXHtktrts=
+go.opentelemetry.io/otel v1.30.0/go.mod h1:tFw4Br9b7fOS+uEao81PJjVMjW/5fvNCbpsDIXqP0pc=
+go.opentelemetry.io/otel/metric v1.30.0 h1:4xNulvn9gjzo4hjg+wzIKG7iNFEaBMX00Qd4QIZs7+w=
+go.opentelemetry.io/otel/metric v1.30.0/go.mod h1:aXTfST94tswhWEb+5QjlSqG+cZlmyXy/u8jFpor3WqQ=
 go.opentelemetry.io/otel/sdk v1.24.0 h1:YMPPDNymmQN3ZgczicBY3B6sf9n62Dlj9pWD3ucgoDw=
 go.opentelemetry.io/otel/sdk v1.24.0/go.mod h1:KVrIYw6tEubO9E96HQpcmpTKDVn9gdv35HoYiQWGDFg=
-go.opentelemetry.io/otel/trace v1.29.0 h1:J/8ZNK4XgR7a21DZUAsbF8pZ5Jcw1VhACmnYt39JTi4=
-go.opentelemetry.io/otel/trace v1.29.0/go.mod h1:eHl3w0sp3paPkYstJOmAimxhiFXPg+MMTlEh3nsQgWQ=
+go.opentelemetry.io/otel/trace v1.30.0 h1:7UBkkYzeg3C7kQX8VAidWh2biiQbtAKjyIML8dQ9wmc=
+go.opentelemetry.io/otel/trace v1.30.0/go.mod h1:5EyKqTzzmyqB9bwtCCq6pDLktPK6fmGf/Dph+8VI02o=
 go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
 go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
 go.uber.org/atomic v1.9.0 h1:ECmE8Bn/WFTYwEW/bpKD3M8VtR/zQVbavAoalC1PYyE=

zititest/models/smoke/configs/ctrl.yml.tmpl

@@ -38,9 +38,9 @@ ctrl:
     # connections. The value of newListener must be resolvable both via DNS and validate via certificates
     #newListener: tls:localhost:6262
 
-#events:
-#  jsonLogger:
-#    subscriptions:
+events:
+  jsonLogger:
+    subscriptions:
 #      - type: fabric.routers
 #      - type: fabric.terminators
 #      - type: metrics
@@ -52,16 +52,16 @@ ctrl:
 #      - type: edge.sessions
 #        include:
 #          - created
-#      - type: edge.apiSessions
+      - type: edge.apiSessions
 #      - type: fabric.usage
 #      - type: services
 #      - type: fabric.usage
 #      - type: edge.entityCounts
 #        interval: 5s
-#    handler:
-#      type: file
-#      format: json
-#      path: /tmp/ziti-events.log
+    handler:
+      type: file
+      format: json
+      path: /home/{{ .Model.MustVariable "credentials.ssh.username" }}/logs/events.json
 
 healthChecks:
   boltCheck: