Documentation
¶
Index ¶
- Constants
- Variables
- func AddSystemTarget(ctx context.Context, t Target) error
- func AuditLog(ctx context.Context, w http.ResponseWriter, r *http.Request, ...)
- func CriticalIf(ctx context.Context, err error, errKind ...interface{})
- func CurrentStats() map[string]types.TargetStats
- func EnableAnonymous()
- func EnableJSON()
- func EnableQuiet()
- func Error(msg string, data ...interface{})
- func Fatal(err error, msg string, data ...interface{})
- func FatalIf(err error, msg string, data ...interface{})
- func GetAuditEntry(ctx context.Context) *audit.Entry
- func HashString(input string) string
- func Info(msg string, data ...interface{})
- func Init(goPath string, goRoot string)
- func IsJSON() bool
- func IsQuiet() bool
- func LogAlwaysIf(ctx context.Context, err error, errKind ...interface{})
- func LogIf(ctx context.Context, err error, errKind ...interface{})
- func LogOnceConsoleIf(ctx context.Context, err error, id string, errKind ...interface{})
- func LogOnceIf(ctx context.Context, err error, id string, errKind ...interface{})
- func RegisterError(f func(string, error, bool) string)
- func SetAuditEntry(ctx context.Context, audit *audit.Entry) context.Context
- func SetLoggerHTTP(scfg config.Config, k string, args http.Config)
- func SetLoggerHTTPAudit(scfg config.Config, k string, args http.Config)
- func SetReqInfo(ctx context.Context, req *ReqInfo) context.Context
- func TargetStatus(ctx context.Context, h Target) madmin.Status
- func UpdateAuditKafkaTargets(ctx context.Context, cfg Config) []error
- func UpdateAuditWebhookTargets(ctx context.Context, cfg Config) []error
- func UpdateSystemTargets(ctx context.Context, cfg Config) []error
- func ValidateSubSysConfig(ctx context.Context, scfg config.Config, subSys string) error
- type Config
- type Console
- type KeyVal
- type LogLevel
- type LogOnce
- type Logger
- type ObjectVersion
- type ReqInfo
- type Target
Constants ¶
View Source
const ( Endpoint = "endpoint" AuthToken = "auth_token" ClientCert = "client_cert" ClientKey = "client_key" QueueSize = "queue_size" QueueDir = "queue_dir" Proxy = "proxy" KafkaBrokers = "brokers" KafkaTopic = "topic" KafkaTLS = "tls" KafkaTLSSkipVerify = "tls_skip_verify" KafkaTLSClientAuth = "tls_client_auth" KafkaSASL = "sasl" KafkaSASLUsername = "sasl_username" KafkaSASLPassword = "sasl_password" KafkaSASLMechanism = "sasl_mechanism" KafkaClientTLSCert = "client_tls_cert" KafkaClientTLSKey = "client_tls_key" KafkaVersion = "version" KafkaQueueDir = "queue_dir" KafkaQueueSize = "queue_size" EnvLoggerWebhookEnable = "MINIO_LOGGER_WEBHOOK_ENABLE" EnvLoggerWebhookEndpoint = "MINIO_LOGGER_WEBHOOK_ENDPOINT" EnvLoggerWebhookAuthToken = "MINIO_LOGGER_WEBHOOK_AUTH_TOKEN" EnvLoggerWebhookClientCert = "MINIO_LOGGER_WEBHOOK_CLIENT_CERT" EnvLoggerWebhookClientKey = "MINIO_LOGGER_WEBHOOK_CLIENT_KEY" EnvLoggerWebhookProxy = "MINIO_LOGGER_WEBHOOK_PROXY" EnvLoggerWebhookQueueSize = "MINIO_LOGGER_WEBHOOK_QUEUE_SIZE" EnvLoggerWebhookQueueDir = "MINIO_LOGGER_WEBHOOK_QUEUE_DIR" EnvAuditWebhookEnable = "MINIO_AUDIT_WEBHOOK_ENABLE" EnvAuditWebhookEndpoint = "MINIO_AUDIT_WEBHOOK_ENDPOINT" EnvAuditWebhookAuthToken = "MINIO_AUDIT_WEBHOOK_AUTH_TOKEN" EnvAuditWebhookClientCert = "MINIO_AUDIT_WEBHOOK_CLIENT_CERT" EnvAuditWebhookClientKey = "MINIO_AUDIT_WEBHOOK_CLIENT_KEY" EnvAuditWebhookQueueSize = "MINIO_AUDIT_WEBHOOK_QUEUE_SIZE" EnvAuditWebhookQueueDir = "MINIO_AUDIT_WEBHOOK_QUEUE_DIR" EnvKafkaEnable = "MINIO_AUDIT_KAFKA_ENABLE" EnvKafkaBrokers = "MINIO_AUDIT_KAFKA_BROKERS" EnvKafkaTopic = "MINIO_AUDIT_KAFKA_TOPIC" EnvKafkaTLS = "MINIO_AUDIT_KAFKA_TLS" EnvKafkaTLSSkipVerify = "MINIO_AUDIT_KAFKA_TLS_SKIP_VERIFY" EnvKafkaTLSClientAuth = "MINIO_AUDIT_KAFKA_TLS_CLIENT_AUTH" EnvKafkaSASLEnable = "MINIO_AUDIT_KAFKA_SASL" EnvKafkaSASLUsername = "MINIO_AUDIT_KAFKA_SASL_USERNAME" EnvKafkaSASLPassword = "MINIO_AUDIT_KAFKA_SASL_PASSWORD" EnvKafkaSASLMechanism = "MINIO_AUDIT_KAFKA_SASL_MECHANISM" EnvKafkaClientTLSCert = "MINIO_AUDIT_KAFKA_CLIENT_TLS_CERT" EnvKafkaClientTLSKey = "MINIO_AUDIT_KAFKA_CLIENT_TLS_KEY" EnvKafkaVersion = "MINIO_AUDIT_KAFKA_VERSION" EnvKafkaQueueDir = "MINIO_AUDIT_KAFKA_QUEUE_DIR" EnvKafkaQueueSize = "MINIO_AUDIT_KAFKA_QUEUE_SIZE" )
Audit/Logger constants
View Source
const ( InfoLvl LogLevel = iota + 1 ErrorLvl FatalLvl Application = madmin.LogKindApplication Minio = madmin.LogKindMinio All = madmin.LogKindAll )
Enumerated level types
View Source
const ConsoleLoggerTgt = "console+http"
ConsoleLoggerTgt is a stringified value to represent console logging
View Source
const TimeFormat string = "15:04:05 MST 01/02/2006"
TimeFormat - logging time format.
Variables ¶
View Source
var ( DefaultLoggerWebhookKVS = config.KVS{ config.KV{ Key: config.Enable, Value: config.EnableOff, }, config.KV{ Key: Endpoint, Value: "", }, config.KV{ Key: AuthToken, Value: "", }, config.KV{ Key: ClientCert, Value: "", }, config.KV{ Key: ClientKey, Value: "", }, config.KV{ Key: Proxy, Value: "", }, config.KV{ Key: QueueSize, Value: "100000", }, config.KV{ Key: QueueDir, Value: "", }, } DefaultAuditWebhookKVS = config.KVS{ config.KV{ Key: config.Enable, Value: config.EnableOff, }, config.KV{ Key: Endpoint, Value: "", }, config.KV{ Key: AuthToken, Value: "", }, config.KV{ Key: ClientCert, Value: "", }, config.KV{ Key: ClientKey, Value: "", }, config.KV{ Key: QueueSize, Value: "100000", }, config.KV{ Key: QueueDir, Value: "", }, } DefaultAuditKafkaKVS = config.KVS{ config.KV{ Key: config.Enable, Value: config.EnableOff, }, config.KV{ Key: KafkaTopic, Value: "", }, config.KV{ Key: KafkaBrokers, Value: "", }, config.KV{ Key: KafkaSASLUsername, Value: "", }, config.KV{ Key: KafkaSASLPassword, Value: "", }, config.KV{ Key: KafkaSASLMechanism, Value: "plain", }, config.KV{ Key: KafkaClientTLSCert, Value: "", }, config.KV{ Key: KafkaClientTLSKey, Value: "", }, config.KV{ Key: KafkaTLSClientAuth, Value: "0", }, config.KV{ Key: KafkaSASL, Value: config.EnableOff, }, config.KV{ Key: KafkaTLS, Value: config.EnableOff, }, config.KV{ Key: KafkaTLSSkipVerify, Value: config.EnableOff, }, config.KV{ Key: KafkaVersion, Value: "", }, config.KV{ Key: QueueSize, Value: "100000", }, config.KV{ Key: QueueDir, Value: "", }, } )
Default KVS for loggerHTTP and loggerAuditHTTP
View Source
var ( Help = config.HelpKVS{ config.HelpKV{ Key: Endpoint, Description: `HTTP(s) endpoint e.g. "http://localhost:8080/minio/logs/server"`, Type: "url", Sensitive: true, }, config.HelpKV{ Key: AuthToken, Description: `opaque string or JWT authorization token`, Optional: true, Type: "string", Sensitive: true, Secret: true, }, config.HelpKV{ Key: ClientCert, Description: "mTLS certificate for webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientKey, Description: "mTLS certificate key for webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: QueueSize, Description: "configure channel queue size for webhook targets", Optional: true, Type: "number", }, config.HelpKV{ Key: QueueDir, Description: `staging dir for undelivered logger messages e.g. '/home/logger-events'`, Optional: true, Type: "string", }, config.HelpKV{ Key: Proxy, Description: "proxy url endpoint e.g. http(s)://proxy", Optional: true, Type: "string", }, config.HelpKV{ Key: config.Comment, Description: config.DefaultComment, Optional: true, Type: "sentence", }, } HelpWebhook = config.HelpKVS{ config.HelpKV{ Key: Endpoint, Description: `HTTP(s) endpoint e.g. "http://localhost:8080/minio/logs/audit"`, Type: "url", Sensitive: true, }, config.HelpKV{ Key: AuthToken, Description: `opaque string or JWT authorization token`, Optional: true, Type: "string", Sensitive: true, Secret: true, }, config.HelpKV{ Key: ClientCert, Description: "mTLS certificate for webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientKey, Description: "mTLS certificate key for webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: QueueSize, Description: "configure channel queue size for webhook targets", Optional: true, Type: "number", }, config.HelpKV{ Key: QueueDir, Description: `staging dir for undelivered audit messages e.g. '/home/audit-events'`, Optional: true, Type: "string", }, config.HelpKV{ Key: config.Comment, Description: config.DefaultComment, Optional: true, Type: "sentence", }, } HelpKafka = config.HelpKVS{ config.HelpKV{ Key: KafkaBrokers, Description: "comma separated list of Kafka broker addresses", Type: "csv", }, config.HelpKV{ Key: KafkaTopic, Description: "Kafka topic used for bucket notifications", Optional: true, Type: "string", }, config.HelpKV{ Key: KafkaSASLUsername, Description: "username for SASL/PLAIN or SASL/SCRAM authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: KafkaSASLPassword, Description: "password for SASL/PLAIN or SASL/SCRAM authentication", Optional: true, Type: "string", Sensitive: true, Secret: true, }, config.HelpKV{ Key: KafkaSASLMechanism, Description: "sasl authentication mechanism, default 'plain'", Optional: true, Type: "string", }, config.HelpKV{ Key: KafkaTLSClientAuth, Description: "clientAuth determines the Kafka server's policy for TLS client auth", Optional: true, Type: "string", }, config.HelpKV{ Key: KafkaSASL, Description: "set to 'on' to enable SASL authentication", Optional: true, Type: "on|off", }, config.HelpKV{ Key: KafkaTLS, Description: "set to 'on' to enable TLS", Optional: true, Type: "on|off", }, config.HelpKV{ Key: KafkaTLSSkipVerify, Description: `trust server TLS without verification, defaults to "on" (verify)`, Optional: true, Type: "on|off", }, config.HelpKV{ Key: KafkaClientTLSCert, Description: "path to client certificate for mTLS auth", Optional: true, Type: "path", Sensitive: true, }, config.HelpKV{ Key: KafkaClientTLSKey, Description: "path to client key for mTLS auth", Optional: true, Type: "path", Sensitive: true, }, config.HelpKV{ Key: KafkaVersion, Description: "specify the version of the Kafka cluster", Optional: true, Type: "string", }, config.HelpKV{ Key: QueueSize, Description: "configure channel queue size for Kafka targets", Optional: true, Type: "number", }, config.HelpKV{ Key: QueueDir, Description: `staging dir for undelivered audit messages to Kafka e.g. '/home/audit-events'`, Optional: true, Type: "string", }, config.HelpKV{ Key: config.Comment, Description: config.DefaultComment, Optional: true, Type: "sentence", }, } )
Help template for logger http and audit
View Source
var ErrCritical struct{}
ErrCritical is the value panic'd whenever CriticalIf is called.
View Source
var ExitFunc = os.Exit
ExitFunc is called by Fatal() class functions, by default it calls os.Exit()
View Source
var MinimumLogLevel = InfoLvl
MinimumLogLevel holds the minimum logging level to print - info by default
Functions ¶
func AddSystemTarget ¶
AddSystemTarget adds a new logger target to the list of enabled loggers
func AuditLog ¶
func AuditLog(ctx context.Context, w http.ResponseWriter, r *http.Request, reqClaims map[string]interface{}, filterKeys ...string)
AuditLog - logs audit logs to all audit targets.
func CriticalIf ¶
CriticalIf logs the provided error on the console. It fails the current go-routine by causing a `panic(ErrCritical)`.
func CurrentStats ¶
func CurrentStats() map[string]types.TargetStats
CurrentStats returns the current statistics.
func EnableAnonymous ¶
func EnableAnonymous()
EnableAnonymous - turns anonymous flag to avoid printing sensitive information.
func Fatal ¶
Fatal prints only fatal error message with no stack trace it will be called for input validation failures
func GetAuditEntry ¶
GetAuditEntry returns Audit entry if set.
func HashString ¶
HashString - return the highway hash of the passed string
func Init ¶
Init sets the trimStrings to possible GOPATHs and GOROOT directories. Also append github.com/minio/minio This is done to clean up the filename, when stack trace is displayed when an error happens.
func LogAlwaysIf ¶
LogAlwaysIf prints a detailed error message during the execution of the server.
func LogIf ¶
LogIf prints a detailed error message during the execution of the server, if it is not an ignored error.
func LogOnceConsoleIf ¶
LogOnceConsoleIf - similar to LogOnceIf but exclusively only logs to console target.
func LogOnceIf ¶
LogOnceIf - Logs notification errors - once per error. id is a unique identifier for related log messages, refer to cmd/notification.go on how it is used.
func RegisterError ¶
RegisterError registers the specified rendering function. This latter will be called for a pretty rendering of fatal errors.
func SetAuditEntry ¶
SetAuditEntry sets Audit info in the context.
func SetLoggerHTTP ¶
SetLoggerHTTP helper for migrating older config to newer KV format.
func SetLoggerHTTPAudit ¶
SetLoggerHTTPAudit - helper for migrating older config to newer KV format.
func SetReqInfo ¶
SetReqInfo sets ReqInfo in the context.
func TargetStatus ¶
TargetStatus returns status of the target (online|offline)
func UpdateAuditKafkaTargets ¶
UpdateAuditKafkaTargets swaps audit kafka targets with newly loaded ones from the cfg
func UpdateAuditWebhookTargets ¶
UpdateAuditWebhookTargets swaps audit webhook targets with newly loaded ones from the cfg
func UpdateSystemTargets ¶
UpdateSystemTargets swaps targets with newly loaded ones from the cfg
Types ¶
type Config ¶
type Config struct {
Console Console `json:"console"`
HTTP map[string]http.Config `json:"http"`
AuditWebhook map[string]http.Config `json:"audit"`
AuditKafka map[string]kafka.Config `json:"audit_kafka"`
}
Config console and http logger targets
type Logger ¶
type Logger interface {
// contains filtered or unexported methods
}
Logger interface describes the methods that need to be implemented to satisfy the interface requirements.
type ObjectVersion ¶
ObjectVersion object version key/versionId
type ReqInfo ¶
type ReqInfo struct {
RemoteHost string // Client Host/IP
Host string // Node Host/IP
UserAgent string // User Agent
DeploymentID string // x-minio-deployment-id
RequestID string // x-amz-request-id
API string // API name - GetObject PutObject NewMultipartUpload etc.
BucketName string `json:",omitempty"` // Bucket name
ObjectName string `json:",omitempty"` // Object name
VersionID string `json:",omitempty"` // corresponding versionID for the object
Objects []ObjectVersion `json:",omitempty"` // Only set during MultiObject delete handler.
Cred auth.Credentials `json:"-"`
Region string `json:"-"`
Owner bool `json:"-"`
AuthType string `json:"-"`
sync.RWMutex
// contains filtered or unexported fields
}
ReqInfo stores the request info. Reading/writing directly to struct requires appropriate R/W lock.
func NewReqInfo ¶
func NewReqInfo(remoteHost, userAgent, deploymentID, requestID, api, bucket, object string) *ReqInfo
NewReqInfo :
func (*ReqInfo) AppendTags ¶
AppendTags - appends key/val to ReqInfo.tags
func (*ReqInfo) GetTagsMap ¶
GetTagsMap - returns the user defined tags in a map structure
type Target ¶
type Target interface {
String() string
Endpoint() string
Stats() types.TargetStats
Init(ctx context.Context) error
IsOnline(ctx context.Context) bool
Cancel()
Send(ctx context.Context, entry interface{}) error
Type() types.TargetType
}
Target is the entity that we will receive a single log entry and Send it to the log target
e.g. Send the log to a http server
func AuditTargets ¶
func AuditTargets() []Target
AuditTargets returns active audit targets. Returned slice may not be modified in any way.
func SystemTargets ¶
func SystemTargets() []Target
SystemTargets returns active targets. Returned slice may not be modified in any way.
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.