{"id":19096615,"url":"https://github.com/sapcc/openstack-watcher-middleware","last_synced_at":"2026-05-26T20:30:17.736Z","repository":{"id":41954495,"uuid":"130372218","full_name":"sapcc/openstack-watcher-middleware","owner":"sapcc","description":"OpenStack Watcher Middleware -  Watches and classifies OpenStack traffic","archived":false,"fork":false,"pushed_at":"2024-03-15T16:11:08.000Z","size":988,"stargazers_count":0,"open_issues_count":3,"forks_count":0,"subscribers_count":56,"default_branch":"master","last_synced_at":"2025-02-19T18:47:25.975Z","etag":null,"topics":["cadf","openstack","statsd","wsgi"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sapcc.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-04-20T14:19:59.000Z","updated_at":"2022-11-14T13:02:40.000Z","dependencies_parsed_at":"2024-11-09T03:37:25.515Z","dependency_job_id":"fc02f947-eb12-4158-a410-d8ae58879952","html_url":"https://github.com/sapcc/openstack-watcher-middleware","commit_stats":null,"previous_names":[],"tags_count":35,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sapcc%2Fopenstack-watcher-middleware","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sapcc%2Fopenstack-watcher-middleware/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sapcc%2Fopenstack-watcher-middleware/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sapcc%2Fopenstack-watcher-middleware/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sapcc","download_url":"https://codeload.github.com/sapcc/openstack-watcher-middleware/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240149812,"owners_count":19755752,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cadf","openstack","statsd","wsgi"],"created_at":"2024-11-09T03:37:15.602Z","updated_at":"2026-05-26T20:30:15.680Z","avatar_url":"https://github.com/sapcc.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"OpenStack Watcher Middleware\n===============================\n\n[![Build Status](https://travis-ci.org/sapcc/openstack-watcher-middleware.svg?branch=master)](https://travis-ci.org/sapcc/openstack-watcher-middleware)\n\nThe OpenStack Watcher is a WSGI middleware capable of analyzing OpenStack traffic and classifying according to the CADF Specification outlined further below.\n\n## Features\n\n- Analyzes OpenStack requests\n- Classifies requests according to [DMTF CADF specification](https://www.dmtf.org/standards/cadf).\n- Stores classification data in GCI environment, which is passed to subsequent WSGI middlewares for further evaluation\n- Exposes Prometheus metrics\n\n## Principles\n\nThe watcher middleware classifies OpenStack requests based on the Cloud Auditing Data Federation (CADF) specification.\nIt distinguishes between `initiator` and `target` of an action. \n`Initiator` describes the resource or the user who sent the request, `Target` refers to the resource against which the action was performed.\n\n### CADF Specification\n\nThe Cloud Audit Data Federation (CADF) specification defines a model for events within the OpenStack platform.\nThis data model is used by the watcher middleware to classify requests.\nMore information is provided in the [CADF documentation](./doc/cadf.md).\n\n### Metrics\n\nThe openstack-watcher-middleware exposes the following Prometheus metrics via statsD.\n\n`openstack_watcher_api_requests_total`                  - total count of api requests\n`openstack_watcher_api_requests_duration_seconds`       - request latency in seconds\n`openstack_watcher_api_requests_duration_seconds_count` - total number of samples of the request duration metric\n`openstack_watcher_api_requests_duration_seconds_sum`   - sum of request latency\n\n## Supported Services\n\nThis middleware currently provides CADF-compliant support for the following OpenStack services:\n````\n|-----------------------|-----------------------|\n| Service name          | Service type          |\n|-----------------------|-----------------------|\n| Barbican              | key-manager           |\n| Cinder                | volume                | \n| Designate             | dns                   |\n| Glance                | image                 | \n| Ironic                | baremetal             |\n| Keystone              | identity              |\n| Manila                | share                 |\n| Neutron               | network               |\n| Nova                  | compute               |\n| Swift                 | object-store          |\n|-----------------------|-----------------------|\n````\n\nConfigurations for these services are provided [here](./etc) \nSupport for additional OpenStack services might require additional action configurations.\n\n## Installation \u0026 Usage\n\nInstall via\n```\npip install git+https://github.com/sapcc/openstack-watcher-middleware.git \n```\n\n### Pipeline \n\nThe watcher should be added after the keystone auth_token middleware to be able to obtain information on the scope (project/domain) of the action.\n```\npipeline = .. auth_token watcher ..\n```\n\n### Configuration\n\nMandatory configuration options in the paste.ini as shown below. See the [configuration section](./doc/configuration.md) for more options.\n```yaml\n[filter:watcher]\nuse = egg:watcher-middleware#watcher\n# service_type as defined in service catalog. See supported services.\n# example: object-store, compute, dns, etc.\nservice_type = \u003cservice_type\u003e\n\n# path to configuration file containing customized action definitions\nconfig_file = /etc/watcher.yaml\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsapcc%2Fopenstack-watcher-middleware","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsapcc%2Fopenstack-watcher-middleware","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsapcc%2Fopenstack-watcher-middleware/lists"}