Problem to retrieve some logs in the r-sessions.csv workbench file

Hello,

I am currently working on recovering some logs on rstudio.
The working environment on which I am working is the following:

  • a virtual machine running the Rstudio Workbench service
  • a GKE cluster that starts Rstudio sessions when you start a session on Rstudio Workbench

The problem I have right now is that some logs are not generated.
For example, in the file /var/lib/rstudio-server/audit/r-sessions/r-sessions.csv we get logs such as auth_login, session_start, session_quit, etc ...
However I don't get the file upload and download logs in a Rsession.

Here is my conf file :

cat > /etc/rstudio/rserver.conf << EOF

www-port=443

SSL

ssl-enabled=1
ssl-certificate=/etc/rstudio/cert.txt
ssl-certificate-key=/etc/rstudio/cert.key

server conf

launcher-address=localhost
launcher-port=5559
launcher-sessions-enabled=1
launcher-default-cluster=Kubernetes
launcher-sessions-callback-address={rs_workbench_address} launcher-sessions-container-run-as-root=0 launcher-sessions-create-container-user=1 launcher-sessions-container-image={r_session_default_image}
admin-enabled=1
admin-group=rstudio-admins

Log and monitoring config

server-health-check-enabled=1
audit-r-sessions=1
audit-r-sessions-limit-mb=20
audit-r-sessions-limit-months=1
audit-r-console=input

SAML

auth-saml=1
auth-saml-metadata-path=/etc/rstudio/metadata.xml
auth-saml-sp-attribute-username=samaccountname
#auth-saml-sp-attribute-username=http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
auth-saml-sp-base-uri=${rs_workbench_address} # Used as reply url
EOF

and here are the error messages I get when I access the session info start :

2023-01-06T17:53:53.790708Z [rsession-MY_VISA] ERROR asio.ssl error 337047686 (certificate verify failed (SSL routines, tls_process_server_certificate)) [host: rsw.teamdev.dev.df.avri.com, uri: /monitor/log_event, address: rsw.teamdev.dev.df.avri.com, port: 443, description: Failed request to auditing and monitoring service rserver-monitor]; OCCURRED AT void rstudio::core::http::TcpIpAsyncClientSsl::handleHandshake(const rstudio_boost::system::error_code&) src/cpp/session/SessionModuleContext.cpp:132;

And for all attempts to upload a file :

LOGGED FROM: void rstudio::monitor::{anonymous}::logErrorHandler(const rstudio::core::Error&) src/cpp/monitor/MonitorClientOverlay.cpp:64
2023-01-06T19:59:06.297591Z [rsession-MY_VISA] ERROR asio.ssl error 337047686 (certificate verify failed (SSL routines, tls_process_server_certificate)) [host: rsw.teamdev.dev.df.avri.com, uri: /monitor/log_console_action, address: rsw.teamdev.dev.df.avri.com, port: 443, description: Failed request to auditing and monitoring service rserver-monitor]; OCCURRED AT void rstudio::core::http::TcpIpAsyncClientSsl::handleHandshake(const rstudio_boost::system::error_code&) src/cpp/session/SessionModuleContext.cpp:132;

However, by adding the following line

launcher-sessions-callback-verify-ssl-certs=0

to the file /etc/rstudio/rserver.conf
I find the log session_file_upload and session_file_download that I searched, in the /var/lib/rstudio-server/audit/r-sessions/r-sessions.csv file of my workbench virtual machin.

This solution works but is not recommended in my company because setting

launcher-sessions-callback-verify-ssl-certs=0

indicates that we disable verification of the server's SSL certificate when Launcher sessions communicate back via the callback address.

So I tried another method by adding the following lines to the file /etc/rstudio/rserver.conf:

session-ssl-enabled = 1
session-ssl-cert = /etc/rstudio/cert.txt
session-ssl-cert-key = /etc/rstudio/cert.key

And I got this error :

2023-01-06T17:57:05.806196Z [rsession-MY_VISA] ERROR system error 2 (No such file or directory) [description: Session http certificate file does not exist: /etc/rstudio/cert.txt]; OCCURRED AT virtual rstudio::core::Error rstudio::session::TcpIpHttpConnectionListener::initializeAcceptor(rstudio::core::http::SocketAcceptorService<rstudio_boost::asio::ip::tcp>) src/cpp/session/http/SessionPosixHttpConnectionListener.cpp:82; LOGGED FROM: int main(int, char const*) src/cpp/session/SessionMain.cpp:2246

Can someone explaine me if my last solution is good and if it's a good solution can you help me to resolve it please ?

Thank you by advance,
Alain