Add EVENT_LOG for forensics
During the last security challenge, the CMS team has noticed that the default Condor config does not provide enough information
to properly track where the jobs were running.
The problem is due to the fact that Condor logs just the IP of the worker node, which may not be very significant in a WAN environment
The solution we came up with was to enable the event log, and add the glidein-specific attributes to the list of logged info there.
Can we make this the default for gwms schedd installations?
#1 Updated by Igor Sfiligoi over 7 years ago
Here is what we had to put in the schedd config:
EVENT_LOG = $(LOG)/EventLog EVENT_LOG_JOB_AD_INFORMATION_ATTRS=Owner # these are logged while the job is running EVENT_LOG_JOB_AD_INFORMATION_ATTRS=$(EVENT_LOG_JOB_AD_INFORMATION_ATTRS),\ RemoteHost,JOB_Site,JOB_GLIDEIN_Entry_Name,JOB_GLIDEIN_Name,\ JOB_GLIDEIN_Factory,JOB_GLIDEIN_Schedd,JOB_GLIDEIN_Schedd,\ JOB_GLIDEIN_ClusterId,JOB_GLIDEIN_ProcId,JOB_GLIDEIN_Site # these are logged once the job finishes EVENT_LOG_JOB_AD_INFORMATION_ATTRS=$(EVENT_LOG_JOB_AD_INFORMATION_ATTRS),\ MATCH_GLIDEIN_Entry_Name,MATCH_GLIDEIN_ProcId,MATCH_GLIDEIN_Site,\ MATCH_GLIDEIN_Factory,MATCH_GLIDEIN_Schedd,MATCH_GLIDEIN_ClusterId,\ MATCH_GLIDEIN_Name
One may also want to add reasonable size and rotation values