I agree with the comment https://review.openstack.org/288643: if entity has been deleted it is away, no chance to query further details. And with #9 which confirms the first. For me it sounds as a quite real use case. How to answer the question: who was this guy from domain x, who participated on project y, in the group z and did several things but now has gone?
What about extending CADF payload with additional properties or probably make its content configurable so that the customers can extend content with the properties defined by keystone schema?
As I’ve seen in this document https://wiki.openstack.org/w/images/e/e1/Introduction_to_Cloud_Auditing_using_CADF_Event_Model_and_Taxonomy_2013-10-22.pdf there is already mentioned the idea of user ID/name pairs within CADF payload, but I think it is not available yet.
I agree with the comment https:/ /review. openstack. org/288643: if entity has been deleted it is away, no chance to query further details. And with #9 which confirms the first. For me it sounds as a quite real use case. How to answer the question: who was this guy from domain x, who participated on project y, in the group z and did several things but now has gone? /wiki.openstack .org/w/ images/ e/e1/Introducti on_to_Cloud_ Auditing_ using_CADF_ Event_Model_ and_Taxonomy_ 2013-10- 22.pdf there is already mentioned the idea of user ID/name pairs within CADF payload, but I think it is not available yet.
What about extending CADF payload with additional properties or probably make its content configurable so that the customers can extend content with the properties defined by keystone schema?
As I’ve seen in this document
https:/