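// Source: github.com/vnforks/kid/v5@v5.22.1-0.20200408055009-b89d99c65676/app/audit.go

// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
// See LICENSE.txt for license information.

package app

import (
	"fmt"
	"net"
	"strings"

	"github.com/vnforks/kid/v5/audit"
	"github.com/vnforks/kid/v5/mlog"
	"github.com/vnforks/kid/v5/model"
)

// Numeric IDs of the audit levels declared below.
const (
	RestLevelID        = 240
	RestContentLevelID = 241
	RestPermsLevelID   = 242
	CLILevelID         = 243
)

// Audit levels. configureAudit passes all four to the filter of every audit
// target it creates.
var (
	RestLevel        = audit.Level{ID: RestLevelID, Name: "audit-rest", Stacktrace: false}
	RestContentLevel = audit.Level{ID: RestContentLevelID, Name: "audit-rest-content", Stacktrace: false}
	RestPermsLevel   = audit.Level{ID: RestPermsLevelID, Name: "audit-rest-perms", Stacktrace: false}
	CLILevel         = audit.Level{ID: CLILevelID, Name: "audit-cli", Stacktrace: false}
)

// GetAudits asks the audit store for the records of userId, passing 0 and
// limit as the second and third arguments of Get.
func (a *App) GetAudits(userId string, limit int) (model.Audits, *model.AppError) {
	return a.Srv().Store.Audit().Get(userId, 0, limit)
}

// GetAuditsPage asks the audit store for one page of the records of userId,
// passing page*perPage and perPage to Get.
//
// NOTE(review): page and perPage are not range-checked here, so a negative
// value reaches the store unchanged; confirm that callers validate them.
func (a *App) GetAuditsPage(userId string, page int, perPage int) (model.Audits, *model.AppError) {
	return a.Srv().Store.Audit().Get(userId, page*perPage, perPage)
}

// configureAudit wires the server's callbacks into adt and adds the audit
// targets that ExperimentalAuditSettings enables: a syslog target over TLS
// and a rotating file target.
//
// A target that cannot be created is logged at error level and skipped; the
// function returns nothing, so the server continues without that target.
// Operators who depend on the audit trail should alert on those messages.
func (s *Server) configureAudit(adt *audit.Audit) {
	adt.OnQueueFull = s.onAuditTargetQueueFull
	adt.OnError = s.onAuditError

	// Read the settings once so both targets are built from the same values.
	settings := s.Config().ExperimentalAuditSettings

	// Configure target for SysLog via TLS.
	// See https://www.rsyslog.com/doc/v8-stable/tutorials/tls_cert_summary.html
	if *settings.SysLogEnabled {
		host := *settings.SysLogIP
		if host == "" {
			host = "localhost"
		}
		port := *settings.SysLogPort
		if port <= 0 {
			port = 6514
		}
		// net.JoinHostPort brackets IPv6 literals, which "%s:%d" did not, so
		// an address such as ::1 previously produced an undialable string.
		// Brackets already present in the setting are stripped first so that
		// a configured "[::1]" keeps working.
		host = strings.TrimSuffix(strings.TrimPrefix(host, "["), "]")
		raddr := net.JoinHostPort(host, fmt.Sprint(port))

		maxQSize := *settings.SysLogMaxQueueSize
		if maxQSize <= 0 {
			maxQSize = audit.DefMaxQueueSize
		}

		params := &audit.SyslogParams{
			Raddr:    raddr,
			Cert:     *settings.SysLogCert,
			Tag:      *settings.SysLogTag,
			Insecure: *settings.SysLogInsecure,
		}

		// NOTE(review): Insecure presumably relaxes TLS verification of the
		// syslog server inside the audit package (confirm). If so, audit
		// records could be read or altered in transit, so make the setting
		// visible in the server log instead of accepting it silently.
		if params.Insecure {
			mlog.Warn("SysLogTLS audit target has SysLogInsecure enabled", mlog.String("raddr", raddr))
		}

		filter := adt.MakeFilter(RestLevel, RestContentLevel, RestPermsLevel, CLILevel)
		formatter := adt.MakeJSONFormatter()
		target, err := audit.NewSyslogTLSTarget(filter, formatter, params, maxQSize)
		if err != nil {
			// Not fatal: the syslog target is simply not added.
			mlog.Error("cannot configure SysLogTLS audit target", mlog.Err(err))
		} else {
			mlog.Debug("SysLogTLS audit target connected successfully", mlog.String("raddr", raddr))
			adt.AddTarget(target)
		}
	}

	// Configure target for rotating file output
	if *settings.FileEnabled {
		opts := audit.FileOptions{
			Filename:   *settings.FileName,
			MaxSize:    *settings.FileMaxSizeMB,
			MaxAge:     *settings.FileMaxAgeDays,
			MaxBackups: *settings.FileMaxBackups,
			Compress:   *settings.FileCompress,
		}

		maxQueueSize := *settings.FileMaxQueueSize
		if maxQueueSize <= 0 {
			maxQueueSize = audit.DefMaxQueueSize
		}

		filter := adt.MakeFilter(RestLevel, RestContentLevel, RestPermsLevel, CLILevel)
		formatter := adt.MakeJSONFormatter()
		formatter.DisableTimestamp = false
		formatter.Indent = "\n"

		// NOTE(review): the permissions of the audit file are decided inside
		// audit.NewFileTarget, which is not shown here; confirm that they
		// restrict read and write access to the server account.
		target, err := audit.NewFileTarget(filter, formatter, opts, maxQueueSize)
		if err != nil {
			// Not fatal: the file target is simply not added.
			mlog.Error("cannot configure File audit target", mlog.Err(err))
		} else {
			mlog.Debug("File audit target created successfully", mlog.String("filename", opts.Filename))
			adt.AddTarget(target)
		}
	}
}

// onAuditTargetQueueFull is installed as adt.OnQueueFull by configureAudit
// and logs a warning naming the queue and its maximum size.
func (s *Server) onAuditTargetQueueFull(qname string, maxQSize int) {
	mlog.Warn("Audit Queue Full", mlog.String("qname", qname), mlog.Int("maxQSize", maxQSize))
}

// onAuditError is installed as adt.OnError by configureAudit and logs the
// error at error level.
func (s *Server) onAuditError(err error) {
	mlog.Error("Audit Error", mlog.Err(err))
}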