How to track --> warning: You appear to have cloned an empty repository.

[anish....@gmail.com]

Hello Gerrit

We are trying to audit the users who accessed the gerrit repository.
We were able to use the gerrit audit plugin and get sufficent data on what users did like git clone/git push.

However, when a user does not have any permission to the project and still tried to git clone it they get the below error:

*********
Cloning into 'demo_commander'...
warning: You appear to have cloned an empty repository.
commit-msg  
100% 1791    34.8KB/s   00:00
*********
But this is not logged into the error that a user tried to clone a repository with no permissions.

Is there a way we can enable this in the audit logs or error_log so we track users who are trying to clone repos's without permissions.

NOTE: I have changed the log level to (ERROR, WARN, INFO, DEBUG) but that has not helped.

Configuration for audit plugin

*************
[audit-sl4j]
        format = JSON
        logName = audit.log
**************

Thank you,
Anish

[luca.mi...@gmail.com]

Sent from my iPhone

On 20 Jan 2022, at 07:23, anish....@gmail.com <anish....@gmail.com> wrote:

Hello Gerrit

We are trying to audit the users who accessed the gerrit repository.
We were able to use the gerrit audit plugin and get sufficent data on what users did like git clone/git push.

However, when a user does not have any permission to the project and still tried to git clone it they get the below error:

*********
Cloning into 'demo_commander'...
warning: You appear to have cloned an empty repository.
commit-msg  
100% 1791    34.8KB/s   00:00
*********
But this is not logged into the error that a user tried to clone a repository with no permissions.

Is there a way we can enable this in the audit logs or error_log so we track users who are trying to clone repos's without permissions.

I know, I believe I’ll need to make JGit cooperate with Gerrit to get that information out. From a protocol perspective the operation is successful and therefore the failure isn’t audited, which is an issue.

Luca 

NOTE: I have changed the log level to (ERROR, WARN, INFO, DEBUG) but that has not helped.

Configuration for audit plugin

*************
[audit-sl4j]
        format = JSON
        logName = audit.log
**************

Thank you,
Anish

--
--
To unsubscribe, email repo-discuss...@googlegroups.com
More info at http://groups.google.com/group/repo-discuss?hl=en

---
You received this message because you are subscribed to the Google Groups "Repo and Gerrit Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to repo-discuss...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/repo-discuss/4a236ef4-2a89-478d-b853-ec6da1a5a2e9n%40googlegroups.com.

[anish....@gmail.com]

Is it possible to get that done in gerrit 3.2.11 or any other way we can track such information.

[luca.mi...@gmail.com]

Sent from my iPhone

On 20 Jan 2022, at 07:52, anish....@gmail.com <anish....@gmail.com> wrote:



Is it possible to get that done in gerrit 3.2.11 or any other way we can track such information.

Changes in Jgit to allow that information to surface would end up in master, which will target Gerrit 3.6 (furtive version in Spring 2022).

Gerrit v3.2 is EOL and is unlikely to get any new feature in.

Luca

To view this discussion on the web visit https://groups.google.com/d/msgid/repo-discuss/794e19c5-8559-45c9-8941-4e53daa34ddbn%40googlegroups.com.