summaryrefslogtreecommitdiffstats
path: root/library/Audit
diff options
context:
space:
mode:
Diffstat (limited to 'library/Audit')
-rw-r--r--library/Audit/ProvidedHook/AuditLog.php70
-rw-r--r--library/Audit/ProvidedHook/AuditStream.php38
2 files changed, 108 insertions, 0 deletions
diff --git a/library/Audit/ProvidedHook/AuditLog.php b/library/Audit/ProvidedHook/AuditLog.php
new file mode 100644
index 0000000..a03502e
--- /dev/null
+++ b/library/Audit/ProvidedHook/AuditLog.php
@@ -0,0 +1,70 @@
+<?php
+
+/* Icinga Web 2 | (c) 2018 Icinga Development Team | GPLv2+ */
+
+namespace Icinga\Module\Audit\ProvidedHook;
+
+use InvalidArgumentException;
+use Icinga\Application\Config;
+use Icinga\Application\Hook\AuditHook;
+use Icinga\Util\File;
+
+class AuditLog extends AuditHook
+{
+ public function logMessage($time, $identity, $type, $message, array $data = null)
+ {
+ $logConfig = Config::module('audit')->getSection('log');
+ if ($logConfig->type === 'file') {
+ $file = new File($logConfig->get('path', '/var/log/icingaweb2/audit.log'), 'a');
+ $file->fwrite(date('c', $time) . ' - ' . $identity . ' - ' . $type . ' - ' . $message . PHP_EOL);
+ $file->fflush();
+ } elseif ($logConfig->type === 'syslog') {
+ openlog(
+ $logConfig->get('ident', 'icingaweb2-audit'),
+ LOG_PID,
+ $this->resolveSyslogFacility($logConfig->get('facility', 'auth'))
+ );
+ $date = date('c', $time);
+ syslog(LOG_INFO, "[$date] <$identity> <$type> $message");
+ }
+ }
+
+ /**
+ * Resolve the given syslog facility name to a valid identifier
+ *
+ * @param string $name
+ *
+ * @return int
+ *
+ * @throws InvalidArgumentException In case of an unknown name
+ */
+ protected function resolveSyslogFacility($name)
+ {
+ switch ($name) {
+ case 'auth':
+ return LOG_AUTH;
+ case 'authpriv':
+ return LOG_AUTHPRIV;
+ case 'user':
+ return LOG_USER;
+ case 'local0':
+ return LOG_LOCAL0;
+ case 'local1':
+ return LOG_LOCAL1;
+ case 'local2':
+ return LOG_LOCAL2;
+ case 'local3':
+ return LOG_LOCAL3;
+ case 'local4':
+ return LOG_LOCAL4;
+ case 'local5':
+ return LOG_LOCAL5;
+ case 'local6':
+ return LOG_LOCAL6;
+ case 'local7':
+ return LOG_LOCAL7;
+ default:
+ throw new InvalidArgumentException("Unknown syslog facility '$name'");
+ }
+ }
+}
diff --git a/library/Audit/ProvidedHook/AuditStream.php b/library/Audit/ProvidedHook/AuditStream.php
new file mode 100644
index 0000000..b47968d
--- /dev/null
+++ b/library/Audit/ProvidedHook/AuditStream.php
@@ -0,0 +1,38 @@
+<?php
+
+/* Icinga Web 2 | (c) 2018 Icinga Development Team | GPLv2+ */
+
+namespace Icinga\Module\Audit\ProvidedHook;
+
+use InvalidArgumentException;
+use Icinga\Application\Config;
+use Icinga\Application\Hook\AuditHook;
+use Icinga\Util\File;
+
+class AuditStream extends AuditHook
+{
+ public function logMessage($time, $identity, $type, $message, array $data = null)
+ {
+ $activityData = [
+ 'activity_time' => $time,
+ 'activity' => $type,
+ 'message' => $message,
+ 'identity' => $identity
+ ];
+ if (! empty($data)) {
+ $activityData['data'] = $data;
+ }
+
+ $logConfig = Config::module('audit')->getSection('stream');
+ if ($logConfig->format === 'json') {
+ $json = json_encode($activityData, JSON_FORCE_OBJECT);
+ if ($json === false) {
+ throw new InvalidArgumentException('Failed to encode message data to JSON: ' . json_last_error_msg());
+ }
+
+ $file = new File($logConfig->get('path', '/var/log/icingaweb2/audit.json'), 'a');
+ $file->fwrite($json . PHP_EOL);
+ $file->fflush();
+ }
+ }
+}