Documentation
¶
Index ¶
- Constants
- func HttpFilter(a Auditing, logger *slog.Logger, opts ...httpFilterOpt) (restful.FilterFunction, error)
- func NewConnectInterceptor(a Auditing, logger *slog.Logger, shouldAudit func(fullMethod string) bool) (connect.Interceptor, error)
- func NewHttpFilterErrorCallback(callback func(err error, response *restful.Response)) *httpFilterErrorCallback
- func StreamServerInterceptor(a Auditing, logger *slog.Logger, shouldAudit func(fullMethod string) bool) (grpc.StreamServerInterceptor, error)
- func UnaryServerInterceptor(a Auditing, logger *slog.Logger, shouldAudit func(fullMethod string) bool) (grpc.UnaryServerInterceptor, error)
- type Auditing
- type Config
- type Entry
- type EntryDetail
- type EntryFilter
- type EntryPhase
- type EntryType
- type Interval
- type MeilisearchConfig
- type TimescaleDbConfig
Constants ¶
View Source
const ( // Include explicitly includes the request to the auditing backend even if the request method would prevent the request to be audited (only applies for the http filter) Include string = "include-to-auditing" // Exclude explicitly excludes the request to the auditing backend even if the request method would audit the request (only applies for the http filter) Exclude string = "exclude-from-auditing" )
View Source
const EntryFilterDefaultLimit int64 = 100
Variables ¶
This section is empty.
Functions ¶
func HttpFilter ¶
func NewConnectInterceptor ¶
func NewHttpFilterErrorCallback ¶ added in v0.20.1
func StreamServerInterceptor ¶
func UnaryServerInterceptor ¶
Types ¶
type Auditing ¶
type Auditing interface {
// Commits all pending entries to the index.
// Should be called before shutting down the application.
Flush() error
// Adds the given entry to the index.
// Some fields like `Id`, `Component` and `Timestamp` will be filled by the auditing driver if not given.
Index(Entry) error
// Searches for entries matching the given filter.
// By default only recent entries will be returned.
// The returned entries will be sorted by timestamp in descending order.
Search(context.Context, EntryFilter) ([]Entry, error)
}
func NewMeilisearch ¶ added in v0.20.0
func NewMeilisearch(c Config, mc MeilisearchConfig) (Auditing, error)
func NewTimescaleDB ¶ added in v0.20.0
func NewTimescaleDB(c Config, tc TimescaleDbConfig) (Auditing, error)
type Entry ¶
type Entry struct {
Id string `json:"-"` // filled by the auditing driver
Component string `json:"component"`
RequestId string `json:"rqid"`
Type EntryType `json:"type"`
Timestamp time.Time `json:"timestamp"`
User string `json:"user"`
Tenant string `json:"tenant"`
Project string `json:"project"`
// For `EntryDetailHTTP` the HTTP method get, post, put, delete, ...
// For `EntryDetailGRPC` unary, stream
Detail EntryDetail `json:"detail"`
// e.g. Request, Response, Error, Opened, Close
Phase EntryPhase `json:"phase"`
// For `EntryDetailHTTP` /api/v1/...
// For `EntryDetailGRPC` /api.v1/... (the method name)
Path string `json:"path"`
ForwardedFor string `json:"forwardedfor"`
RemoteAddr string `json:"remoteaddr"`
Body any `json:"body"` // JSON, string or numbers
StatusCode int `json:"statuscode"` // for `EntryDetailHTTP` the HTTP status code, for EntryDetailGRPC` the grpc status code
// Internal errors
Error error `json:"error"`
}
type EntryDetail ¶
type EntryDetail string
const ( EntryDetailGRPCUnary EntryDetail = "unary" EntryDetailGRPCStream EntryDetail = "stream" )
type EntryFilter ¶ added in v0.11.7
type EntryFilter struct {
Limit int64 `json:"limit" optional:"true"` // default `EntryFilterDefaultLimit`
// In range
From time.Time `json:"from" optional:"true"`
To time.Time `json:"to" optional:"true"`
Component string `json:"component" optional:"true"` // exact match
RequestId string `json:"rqid" optional:"true"` // starts with
Type EntryType `json:"type" optional:"true"` // exact match
User string `json:"user" optional:"true"` // exact match
Tenant string `json:"tenant" optional:"true"` // exact match
Project string `json:"project" optional:"true"` // exact match
Detail EntryDetail `json:"detail" optional:"true"` // exact match
Phase EntryPhase `json:"phase" optional:"true"` // exact match
Path string `json:"path" optional:"true"` // free text
ForwardedFor string `json:"forwarded_for" optional:"true"` // free text
RemoteAddr string `json:"remote_addr" optional:"true"` // free text
Body string `json:"body" optional:"true"` // free text
StatusCode int `json:"status_code" optional:"true"` // exact match
Error string `json:"error" optional:"true"` // free text
}
type EntryPhase ¶
type EntryPhase string
const ( EntryPhaseRequest EntryPhase = "request" EntryPhaseResponse EntryPhase = "response" EntryPhaseSingle EntryPhase = "single" EntryPhaseError EntryPhase = "error" EntryPhaseOpened EntryPhase = "opened" EntryPhaseClosed EntryPhase = "closed" )
type MeilisearchConfig ¶ added in v0.20.0
type TimescaleDbConfig ¶ added in v0.20.0
type TimescaleDbConfig struct {
Host string
Port string
DB string
User string
Password string
// Retention defines when audit traces will be thrown away, only settable on initial database usage
// If this needs to be changed over time, you need to do this manually. Defaults to '14 days'.
Retention string
// CompressionInterval defines after which period audit traces will be compressed, only settable on initial database usage.
// If this needs to be changed over time, you need to do this manually. Defaults to '7 days'.
CompressionInterval string
// ChunkInterval defines after which period audit traces will be stored in a new chunk table, only settable on initial database usage.
// If this needs to be changed over time, you need to do this manually. Defaults to '1 days'.
ChunkInterval string
MaxIdleConns *int
ConnMaxLifetime *time.Duration
MaxOpenConns *int
}
Source Files
Click to show internal directories.
Click to hide internal directories.