mirror of
https://github.com/optim-enterprises-bv/vault.git
synced 2025-10-29 17:52:32 +00:00
17ffe62d0d
* VAULT-22481: Audit filter node (#24465) * Initial commit on adding filter nodes for audit * tests for audit filter * test: longer filter - more conditions * copywrite headers * Check interface for the right type * Add audit filtering feature (#24554) * Support filter nodes in backend factories and add some tests * More tests and cleanup * Attempt to move control of registration for nodes and pipelines to the audit broker (#24505) * invert control of the pipelines/nodes to the audit broker vs. within each backend * update noop audit test code to implement the pipeliner interface * noop mount path has trailing slash * attempting to make NoopAudit more friendly * NoopAudit uses known salt * Refactor audit.ProcessManual to support filter nodes * HasFiltering * rename the pipeliner * use exported AuditEvent in Filter * Add tests for registering and deregistering backends on the audit broker * Add missing licence header to one file, fix a typo in two tests --------- Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com> * Add changelog file * update bexpr datum to use a strong type * go docs updates * test path * PR review comments * handle scenarios/outcomes from broker.send * don't need to re-check the complete sinks * add extra check to deregister to ensure that re-registering non-filtered device sets sink threshold * Ensure that the multierror is appended before attempting to return it --------- Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
56 lines
1.4 KiB
Go
56 lines
1.4 KiB
Go
// Copyright (c) HashiCorp, Inc.
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
package logical
|
|
|
|
type LogInput struct {
|
|
Type string
|
|
Auth *Auth
|
|
Request *Request
|
|
Response *Response
|
|
OuterErr error
|
|
NonHMACReqDataKeys []string
|
|
NonHMACRespDataKeys []string
|
|
}
|
|
|
|
type MarshalOptions struct {
|
|
ValueHasher func(string) string
|
|
}
|
|
|
|
type OptMarshaler interface {
|
|
MarshalJSONWithOptions(*MarshalOptions) ([]byte, error)
|
|
}
|
|
|
|
// LogInputBexpr is used for evaluating boolean expressions with go-bexpr.
|
|
type LogInputBexpr struct {
|
|
MountPoint string `bexpr:"mount_point"`
|
|
MountType string `bexpr:"mount_type"`
|
|
Namespace string `bexpr:"namespace"`
|
|
Operation string `bexpr:"operation"`
|
|
Path string `bexpr:"path"`
|
|
}
|
|
|
|
// BexprDatum returns values from a LogInput formatted for use in evaluating go-bexpr boolean expressions.
|
|
// The namespace should be supplied from the current request's context.
|
|
func (l *LogInput) BexprDatum(namespace string) *LogInputBexpr {
|
|
var mountPoint string
|
|
var mountType string
|
|
var operation string
|
|
var path string
|
|
|
|
if l.Request != nil {
|
|
mountPoint = l.Request.MountPoint
|
|
mountType = l.Request.MountType
|
|
operation = string(l.Request.Operation)
|
|
path = l.Request.Path
|
|
}
|
|
|
|
return &LogInputBexpr{
|
|
MountPoint: mountPoint,
|
|
MountType: mountType,
|
|
Namespace: namespace,
|
|
Operation: operation,
|
|
Path: path,
|
|
}
|
|
}
|