Hi, I am currently doing some security dig in on lxd server.
I need to determine all lxc client that have been authorise to connect to a lxd server.
Your help is appreciated
lxc config trust list might be what your looking for
1 Like
Yes it does the job 
tx
But, I am still not able to find any connection attempts in the log of the server.
I have try tcptrack -i br1 port 8443, it does the job if i am in front of the console 
I could use a tcpdump in a screen session, but if i use LsdMosaic per example you would see a lot of traffic, I would have to filter a lot of information… also try ufw
To get a log of all requests, you’ll need to enable debug mode. Either by passing --debug to the daemon or by using snap set lxd daemon.debug=true && systemctl reload snap.lxd.daemon.
Alternatively you can always see those entries live by using lxc monitor --type=logging --pretty
1 Like
Thank for the fast answer
Information from lxc monitor is more complete than the debug mode.
It will be nice to have lxc monitor running as a daemon for security monitoring.
lxc monitor is also special in that for clusters it will show you info and higher messages for all nodes, not just your local one.
Our Go API makes receiving those events pretty simple and even in another language, connecting to /1.0/events using websocket is reasonably easy, so if you have specific auditing needs, writing a piece of code which subscribes to just what you want should work well.
Also note the special event type lifecycle which lets you easily log all instance operations.
1 Like