mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-10-29 17:52:32 +00:00
audit/syslog: first pass
This commit is contained in:
Armon Dadgar
committed by
Mitchell Hashimoto
Mitchell Hashimoto
parent
4b942e9ccd
commit
44fb28f762
60
builtin/audit/syslog/backend.go
Normal file
60
builtin/audit/syslog/backend.go
Normal file
@@ -0,0 +1,60 @@
|
||||
package file
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
|
||||
"github.com/hashicorp/go-syslog"
|
||||
"github.com/hashicorp/vault/audit"
|
||||
"github.com/hashicorp/vault/logical"
|
||||
)
|
||||
|
||||
func Factory(conf map[string]string) (audit.Backend, error) {
|
||||
// Get facility or default to AUTH
|
||||
facility, ok := conf["facility"]
|
||||
if !ok {
|
||||
facility = "AUTH"
|
||||
}
|
||||
|
||||
// Get tag or default to 'vault'
|
||||
tag, ok := conf["tag"]
|
||||
if !ok {
|
||||
tag = "vault"
|
||||
}
|
||||
|
||||
// Get the logger
|
||||
logger, err := gsyslog.NewLogger(gsyslog.LOG_INFO, facility, tag)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
b := &Backend{
|
||||
logger: logger,
|
||||
}
|
||||
return b, nil
|
||||
}
|
||||
|
||||
// Backend is the audit backend for the syslog-based audit store.
|
||||
type Backend struct {
|
||||
logger gsyslog.Syslogger
|
||||
}
|
||||
|
||||
func (b *Backend) LogRequest(auth *logical.Auth, req *logical.Request) error {
|
||||
var buf bytes.Buffer
|
||||
var format audit.FormatJSON
|
||||
if err := format.FormatRequest(&buf, auth, req); err != nil {
|
||||
return err
|
||||
}
|
||||
_, err := b.logger.Write(buf.Bytes())
|
||||
return err
|
||||
}
|
||||
|
||||
func (b *Backend) LogResponse(auth *logical.Auth, req *logical.Request,
|
||||
resp *logical.Response, err error) error {
|
||||
var buf bytes.Buffer
|
||||
var format audit.FormatJSON
|
||||
if err := format.FormatResponse(&buf, auth, req, resp, err); err != nil {
|
||||
return err
|
||||
}
|
||||
_, err = b.logger.Write(buf.Bytes())
|
||||
return err
|
||||
}
|
||||
@@ -4,6 +4,7 @@ import (
|
||||
"os"
|
||||
|
||||
auditFile "github.com/hashicorp/vault/builtin/audit/file"
|
||||
auditSyslog "github.com/hashicorp/vault/builtin/audit/syslog"
|
||||
|
||||
credAppId "github.com/hashicorp/vault/builtin/credential/app-id"
|
||||
credCert "github.com/hashicorp/vault/builtin/credential/cert"
|
||||
@@ -49,7 +50,8 @@ func Commands(metaPtr *command.Meta) map[string]cli.CommandFactory {
|
||||
return &command.ServerCommand{
|
||||
Meta: meta,
|
||||
AuditBackends: map[string]audit.Factory{
|
||||
"file": auditFile.Factory,
|
||||
"file": auditFile.Factory,
|
||||
"syslog": auditSyslog.Factory,
|
||||
},
|
||||
CredentialBackends: map[string]logical.Factory{
|
||||
"cert": credCert.Factory,
|
||||
|
||||
Reference in New Issue
Block a user