diff options
Diffstat (limited to 'library/Audit')
| -rw-r--r-- | library/Audit/ProvidedHook/AuditLog.php | 70 | ||||
| -rw-r--r-- | library/Audit/ProvidedHook/AuditStream.php | 38 |
2 files changed, 108 insertions, 0 deletions
diff --git a/library/Audit/ProvidedHook/AuditLog.php b/library/Audit/ProvidedHook/AuditLog.php new file mode 100644 index 0000000..a03502e --- /dev/null +++ b/library/Audit/ProvidedHook/AuditLog.php @@ -0,0 +1,70 @@ +<?php + +/* Icinga Web 2 | (c) 2018 Icinga Development Team | GPLv2+ */ + +namespace Icinga\Module\Audit\ProvidedHook; + +use InvalidArgumentException; +use Icinga\Application\Config; +use Icinga\Application\Hook\AuditHook; +use Icinga\Util\File; + +class AuditLog extends AuditHook +{ + public function logMessage($time, $identity, $type, $message, array $data = null) + { + $logConfig = Config::module('audit')->getSection('log'); + if ($logConfig->type === 'file') { + $file = new File($logConfig->get('path', '/var/log/icingaweb2/audit.log'), 'a'); + $file->fwrite(date('c', $time) . ' - ' . $identity . ' - ' . $type . ' - ' . $message . PHP_EOL); + $file->fflush(); + } elseif ($logConfig->type === 'syslog') { + openlog( + $logConfig->get('ident', 'icingaweb2-audit'), + LOG_PID, + $this->resolveSyslogFacility($logConfig->get('facility', 'auth')) + ); + $date = date('c', $time); + syslog(LOG_INFO, "[$date] <$identity> <$type> $message"); + } + } + + /** + * Resolve the given syslog facility name to a valid identifier + * + * @param string $name + * + * @return int + * + * @throws InvalidArgumentException In case of an unknown name + */ + protected function resolveSyslogFacility($name) + { + switch ($name) { + case 'auth': + return LOG_AUTH; + case 'authpriv': + return LOG_AUTHPRIV; + case 'user': + return LOG_USER; + case 'local0': + return LOG_LOCAL0; + case 'local1': + return LOG_LOCAL1; + case 'local2': + return LOG_LOCAL2; + case 'local3': + return LOG_LOCAL3; + case 'local4': + return LOG_LOCAL4; + case 'local5': + return LOG_LOCAL5; + case 'local6': + return LOG_LOCAL6; + case 'local7': + return LOG_LOCAL7; + default: + throw new InvalidArgumentException("Unknown syslog facility '$name'"); + } + } +} diff --git a/library/Audit/ProvidedHook/AuditStream.php b/library/Audit/ProvidedHook/AuditStream.php new file mode 100644 index 0000000..b47968d --- /dev/null +++ b/library/Audit/ProvidedHook/AuditStream.php @@ -0,0 +1,38 @@ +<?php + +/* Icinga Web 2 | (c) 2018 Icinga Development Team | GPLv2+ */ + +namespace Icinga\Module\Audit\ProvidedHook; + +use InvalidArgumentException; +use Icinga\Application\Config; +use Icinga\Application\Hook\AuditHook; +use Icinga\Util\File; + +class AuditStream extends AuditHook +{ + public function logMessage($time, $identity, $type, $message, array $data = null) + { + $activityData = [ + 'activity_time' => $time, + 'activity' => $type, + 'message' => $message, + 'identity' => $identity + ]; + if (! empty($data)) { + $activityData['data'] = $data; + } + + $logConfig = Config::module('audit')->getSection('stream'); + if ($logConfig->format === 'json') { + $json = json_encode($activityData, JSON_FORCE_OBJECT); + if ($json === false) { + throw new InvalidArgumentException('Failed to encode message data to JSON: ' . json_last_error_msg()); + } + + $file = new File($logConfig->get('path', '/var/log/icingaweb2/audit.json'), 'a'); + $file->fwrite($json . PHP_EOL); + $file->fflush(); + } + } +} |