From adc6ca9ee76d4b765c0e892fd452bc7e7ff28f4c Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 28 Apr 2024 14:41:27 +0200 Subject: Adding upstream version 1.0.2. Signed-off-by: Daniel Baumann --- library/Audit/ProvidedHook/AuditLog.php | 70 ++++++++++++++++++++++++++++++ library/Audit/ProvidedHook/AuditStream.php | 38 ++++++++++++++++ 2 files changed, 108 insertions(+) create mode 100644 library/Audit/ProvidedHook/AuditLog.php create mode 100644 library/Audit/ProvidedHook/AuditStream.php (limited to 'library') diff --git a/library/Audit/ProvidedHook/AuditLog.php b/library/Audit/ProvidedHook/AuditLog.php new file mode 100644 index 0000000..a03502e --- /dev/null +++ b/library/Audit/ProvidedHook/AuditLog.php @@ -0,0 +1,70 @@ +getSection('log'); + if ($logConfig->type === 'file') { + $file = new File($logConfig->get('path', '/var/log/icingaweb2/audit.log'), 'a'); + $file->fwrite(date('c', $time) . ' - ' . $identity . ' - ' . $type . ' - ' . $message . PHP_EOL); + $file->fflush(); + } elseif ($logConfig->type === 'syslog') { + openlog( + $logConfig->get('ident', 'icingaweb2-audit'), + LOG_PID, + $this->resolveSyslogFacility($logConfig->get('facility', 'auth')) + ); + $date = date('c', $time); + syslog(LOG_INFO, "[$date] <$identity> <$type> $message"); + } + } + + /** + * Resolve the given syslog facility name to a valid identifier + * + * @param string $name + * + * @return int + * + * @throws InvalidArgumentException In case of an unknown name + */ + protected function resolveSyslogFacility($name) + { + switch ($name) { + case 'auth': + return LOG_AUTH; + case 'authpriv': + return LOG_AUTHPRIV; + case 'user': + return LOG_USER; + case 'local0': + return LOG_LOCAL0; + case 'local1': + return LOG_LOCAL1; + case 'local2': + return LOG_LOCAL2; + case 'local3': + return LOG_LOCAL3; + case 'local4': + return LOG_LOCAL4; + case 'local5': + return LOG_LOCAL5; + case 'local6': + return LOG_LOCAL6; + case 'local7': + return LOG_LOCAL7; + default: + throw new InvalidArgumentException("Unknown syslog facility '$name'"); + } + } +} diff --git a/library/Audit/ProvidedHook/AuditStream.php b/library/Audit/ProvidedHook/AuditStream.php new file mode 100644 index 0000000..b47968d --- /dev/null +++ b/library/Audit/ProvidedHook/AuditStream.php @@ -0,0 +1,38 @@ + $time, + 'activity' => $type, + 'message' => $message, + 'identity' => $identity + ]; + if (! empty($data)) { + $activityData['data'] = $data; + } + + $logConfig = Config::module('audit')->getSection('stream'); + if ($logConfig->format === 'json') { + $json = json_encode($activityData, JSON_FORCE_OBJECT); + if ($json === false) { + throw new InvalidArgumentException('Failed to encode message data to JSON: ' . json_last_error_msg()); + } + + $file = new File($logConfig->get('path', '/var/log/icingaweb2/audit.json'), 'a'); + $file->fwrite($json . PHP_EOL); + $file->fflush(); + } + } +} -- cgit v1.2.3