scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-30 02:02:43 +00:00
Code Issues Packages Projects Releases Wiki Activity

VAULT-24452: audit refactor (#26460)

Browse Source 
* Refactor audit code into audit package
* remove builtin/audit
* removed unrequired files
This commit is contained in:
Peter Wilson
2024-04-18 08:25:04 +01:00
committed by GitHub
parent 961bf20bdb
commit 8bee54c89d
60 changed files with 2638 additions and 3214 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
audit/entry_filter.go
View File

@@ -14,18 +14,18 @@ import (
"github.com/hashicorp/vault/sdk/logical"
)
var _ eventlogger.Node = (*EntryFilter)(nil)
var _ eventlogger.Node = (*entryFilter)(nil)
// EntryFilter should be used to filter audit requests and responses which should
// entryFilter should be used to filter audit requests and responses which should
// make it to a sink.
type EntryFilter struct {
type entryFilter struct {
// the evaluator for the bexpr expression that should be applied by the node.
evaluator *bexpr.Evaluator
}
// NewEntryFilter should be used to create an EntryFilter node.
// newEntryFilter should be used to create an entryFilter node.
// The filter supplied should be in bexpr format and reference fields from logical.LogInputBexpr.
func NewEntryFilter(filter string) (*EntryFilter, error) {
func newEntryFilter(filter string) (*entryFilter, error) {
filter = strings.TrimSpace(filter)
if filter == "" {
return nil, fmt.Errorf("cannot create new audit filter with empty filter expression: %w", ErrExternalOptions)
@@ -45,22 +45,22 @@ func NewEntryFilter(filter string) (*EntryFilter, error) {
return nil, fmt.Errorf("filter references an unsupported field: %s: %w", filter, ErrExternalOptions)
}
return &EntryFilter{evaluator: eval}, nil
return &entryFilter{evaluator: eval}, nil
}
// Reopen is a no-op for the filter node.
func (*EntryFilter) Reopen() error {
func (*entryFilter) Reopen() error {
return nil
}
// Type describes the type of this node (filter).
func (*EntryFilter) Type() eventlogger.NodeType {
func (*entryFilter) Type() eventlogger.NodeType {
return eventlogger.NodeTypeFilter
}
// Process will attempt to parse the incoming event data and decide whether it
// should be filtered or remain in the pipeline and passed to the next node.
func (f *EntryFilter) Process(ctx context.Context, e *eventlogger.Event) (*eventlogger.Event, error) {
func (f *entryFilter) Process(ctx context.Context, e *eventlogger.Event) (*eventlogger.Event, error) {
select {
case <-ctx.Done():
return nil, ctx.Err()