Documentation
¶
Index ¶
- Constants
- Variables
- func AddAuditTarget(t Target) error
- func AddTarget(t Target) error
- func AuditLog(ctx context.Context, w http.ResponseWriter, r *http.Request, ...)
- func CriticalIf(ctx context.Context, err error, errKind ...interface{})
- func EnableAnonymous()
- func EnableJSON()
- func EnableQuiet()
- func Error(msg string, data ...interface{})
- func Fatal(err error, msg string, data ...interface{})
- func FatalIf(err error, msg string, data ...interface{})
- func GetAuditEntry(ctx context.Context) *audit.Entry
- func GetAuditKafka(kafkaKVS map[string]config.KVS) (map[string]kafka.Config, error)
- func Info(msg string, data ...interface{})
- func Init(goPath string, goRoot string)
- func IsJSON() bool
- func IsQuiet() bool
- func LogAlwaysIf(ctx context.Context, err error, errKind ...interface{})
- func LogIf(ctx context.Context, err error, errKind ...interface{})
- func LogOnceIf(ctx context.Context, err error, id interface{}, errKind ...interface{})
- func RegisterError(f func(string, error, bool) string)
- func SetAuditEntry(ctx context.Context, audit *audit.Entry) context.Context
- func SetDeploymentID(deploymentID string)
- func SetLoggerHTTP(scfg config.Config, k string, args http.Config)
- func SetLoggerHTTPAudit(scfg config.Config, k string, args http.Config)
- func SetReqInfo(ctx context.Context, req *ReqInfo) context.Context
- func StartupMessage(msg string, data ...interface{})
- func UpdateTargets(cfg Config) error
- func ValidateSubSysConfig(scfg config.Config, subSys string) error
- type Config
- type Console
- type KeyVal
- type Kind
- type Level
- type Logger
- type ObjectVersion
- type ReqInfo
- type ResponseWriter
- type Target
Constants ¶
View Source
const ( Endpoint = "endpoint" AuthToken = "auth_token" ClientCert = "client_cert" ClientKey = "client_key" QueueSize = "queue_size" KafkaBrokers = "brokers" KafkaTopic = "topic" KafkaTLS = "tls" KafkaTLSSkipVerify = "tls_skip_verify" KafkaTLSClientAuth = "tls_client_auth" KafkaSASL = "sasl" KafkaSASLUsername = "sasl_username" KafkaSASLPassword = "sasl_password" KafkaSASLMechanism = "sasl_mechanism" KafkaClientTLSCert = "client_tls_cert" KafkaClientTLSKey = "client_tls_key" KafkaVersion = "version" EnvLoggerWebhookEnable = "MINIO_LOGGER_WEBHOOK_ENABLE" EnvLoggerWebhookEndpoint = "MINIO_LOGGER_WEBHOOK_ENDPOINT" EnvLoggerWebhookAuthToken = "MINIO_LOGGER_WEBHOOK_AUTH_TOKEN" EnvLoggerWebhookClientCert = "MINIO_LOGGER_WEBHOOK_CLIENT_CERT" EnvLoggerWebhookClientKey = "MINIO_LOGGER_WEBHOOK_CLIENT_KEY" EnvLoggerWebhookQueueSize = "MINIO_LOGGER_WEBHOOK_QUEUE_SIZE" EnvAuditWebhookEnable = "MINIO_AUDIT_WEBHOOK_ENABLE" EnvAuditWebhookEndpoint = "MINIO_AUDIT_WEBHOOK_ENDPOINT" EnvAuditWebhookAuthToken = "MINIO_AUDIT_WEBHOOK_AUTH_TOKEN" EnvAuditWebhookClientCert = "MINIO_AUDIT_WEBHOOK_CLIENT_CERT" EnvAuditWebhookClientKey = "MINIO_AUDIT_WEBHOOK_CLIENT_KEY" EnvAuditWebhookQueueSize = "MINIO_AUDIT_WEBHOOK_QUEUE_SIZE" EnvKafkaEnable = "MINIO_AUDIT_KAFKA_ENABLE" EnvKafkaBrokers = "MINIO_AUDIT_KAFKA_BROKERS" EnvKafkaTopic = "MINIO_AUDIT_KAFKA_TOPIC" EnvKafkaTLS = "MINIO_AUDIT_KAFKA_TLS" EnvKafkaTLSSkipVerify = "MINIO_AUDIT_KAFKA_TLS_SKIP_VERIFY" EnvKafkaTLSClientAuth = "MINIO_AUDIT_KAFKA_TLS_CLIENT_AUTH" EnvKafkaSASLEnable = "MINIO_AUDIT_KAFKA_SASL" EnvKafkaSASLUsername = "MINIO_AUDIT_KAFKA_SASL_USERNAME" EnvKafkaSASLPassword = "MINIO_AUDIT_KAFKA_SASL_PASSWORD" EnvKafkaSASLMechanism = "MINIO_AUDIT_KAFKA_SASL_MECHANISM" EnvKafkaClientTLSCert = "MINIO_AUDIT_KAFKA_CLIENT_TLS_CERT" EnvKafkaClientTLSKey = "MINIO_AUDIT_KAFKA_CLIENT_TLS_KEY" EnvKafkaVersion = "MINIO_AUDIT_KAFKA_VERSION" )
Audit/Logger constants
View Source
const TimeFormat string = "15:04:05 MST 01/02/2006"
TimeFormat - logging time format.
Variables ¶
View Source
var ( DefaultLoggerWebhookKVS = config.KVS{ config.KV{ Key: config.Enable, Value: config.EnableOff, }, config.KV{ Key: Endpoint, Value: "", }, config.KV{ Key: AuthToken, Value: "", }, config.KV{ Key: ClientCert, Value: "", }, config.KV{ Key: ClientKey, Value: "", }, config.KV{ Key: QueueSize, Value: "100000", }, } DefaultAuditWebhookKVS = config.KVS{ config.KV{ Key: config.Enable, Value: config.EnableOff, }, config.KV{ Key: Endpoint, Value: "", }, config.KV{ Key: AuthToken, Value: "", }, config.KV{ Key: ClientCert, Value: "", }, config.KV{ Key: ClientKey, Value: "", }, config.KV{ Key: QueueSize, Value: "100000", }, } DefaultAuditKafkaKVS = config.KVS{ config.KV{ Key: config.Enable, Value: config.EnableOff, }, config.KV{ Key: KafkaTopic, Value: "", }, config.KV{ Key: KafkaBrokers, Value: "", }, config.KV{ Key: KafkaSASLUsername, Value: "", }, config.KV{ Key: KafkaSASLPassword, Value: "", }, config.KV{ Key: KafkaSASLMechanism, Value: "plain", }, config.KV{ Key: KafkaClientTLSCert, Value: "", }, config.KV{ Key: KafkaClientTLSKey, Value: "", }, config.KV{ Key: KafkaTLSClientAuth, Value: "0", }, config.KV{ Key: KafkaSASL, Value: config.EnableOff, }, config.KV{ Key: KafkaTLS, Value: config.EnableOff, }, config.KV{ Key: KafkaTLSSkipVerify, Value: config.EnableOff, }, config.KV{ Key: KafkaVersion, Value: "", }, } )
Default KVS for loggerHTTP and loggerAuditHTTP
View Source
var ( Help = config.HelpKVS{ config.HelpKV{ Key: config.Enable, Description: "set to 'on' to enable the logger webhook", Optional: true, Type: "on|off", Sensitive: false, }, config.HelpKV{ Key: Endpoint, Description: `HTTP(s) endpoint e.g. "http://localhost:8080/minio/logs/server"`, Type: "url", Sensitive: true, }, config.HelpKV{ Key: AuthToken, Description: `opaque string or JWT authorization token`, Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientCert, Description: "mTLS certificate for Logger Webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientKey, Description: "mTLS certificate key for Logger Webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: QueueSize, Description: "configure channel queue size for Logger Webhook targets", Optional: true, Type: "number", }, config.HelpKV{ Key: config.Comment, Description: config.DefaultComment, Optional: true, Type: "sentence", }, } HelpWebhook = config.HelpKVS{ config.HelpKV{ Key: Endpoint, Description: `HTTP(s) endpoint e.g. "http://localhost:8080/minio/logs/audit"`, Type: "url", Sensitive: true, }, config.HelpKV{ Key: AuthToken, Description: `opaque string or JWT authorization token`, Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientCert, Description: "mTLS certificate for Audit Webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientKey, Description: "mTLS certificate key for Audit Webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: QueueSize, Description: "configure channel queue size for Audit Webhook targets", Optional: true, Type: "number", }, config.HelpKV{ Key: config.Comment, Description: config.DefaultComment, Optional: true, Type: "sentence", }, } HelpKafka = config.HelpKVS{ config.HelpKV{ Key: KafkaBrokers, Description: "comma separated list of Kafka broker addresses", Type: "csv", }, config.HelpKV{ Key: KafkaTopic, Description: "Kafka topic used for bucket notifications", Optional: true, Type: "string", }, config.HelpKV{ Key: KafkaSASLUsername, Description: "username for SASL/PLAIN or SASL/SCRAM authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: KafkaSASLPassword, Description: "password for SASL/PLAIN or SASL/SCRAM authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: KafkaSASLMechanism, Description: "sasl authentication mechanism, default 'plain'", Optional: true, Type: "string", }, config.HelpKV{ Key: KafkaTLSClientAuth, Description: "clientAuth determines the Kafka server's policy for TLS client auth", Optional: true, Type: "string", }, config.HelpKV{ Key: KafkaSASL, Description: "set to 'on' to enable SASL authentication", Optional: true, Type: "on|off", }, config.HelpKV{ Key: KafkaTLS, Description: "set to 'on' to enable TLS", Optional: true, Type: "on|off", }, config.HelpKV{ Key: KafkaTLSSkipVerify, Description: `trust server TLS without verification, defaults to "on" (verify)`, Optional: true, Type: "on|off", }, config.HelpKV{ Key: KafkaClientTLSCert, Description: "path to client certificate for mTLS auth", Optional: true, Type: "path", Sensitive: true, }, config.HelpKV{ Key: KafkaClientTLSKey, Description: "path to client key for mTLS auth", Optional: true, Type: "path", Sensitive: true, }, config.HelpKV{ Key: KafkaVersion, Description: "specify the version of the Kafka cluster", Optional: true, Type: "string", }, config.HelpKV{ Key: config.Comment, Description: config.DefaultComment, Optional: true, Type: "sentence", }, } )
Help template for logger http and audit
View Source
var BodyPlaceHolder = []byte("<BODY>")
BodyPlaceHolder returns a dummy body placeholder
View Source
var Disable = false
Disable disables all logging, false by default. (used for "go test")
View Source
var ErrCritical struct{}
ErrCritical is the value panic'd whenever CriticalIf is called.
Functions ¶
func AddAuditTarget ¶
AddAuditTarget adds a new audit logger target to the list of enabled loggers
func AuditLog ¶
func AuditLog(ctx context.Context, w http.ResponseWriter, r *http.Request, reqClaims map[string]interface{}, filterKeys ...string)
AuditLog - logs audit logs to all audit targets.
func CriticalIf ¶
CriticalIf logs the provided error on the console. It fails the current go-routine by causing a `panic(ErrCritical)`.
func EnableAnonymous ¶
func EnableAnonymous()
EnableAnonymous - turns anonymous flag to avoid printing sensitive information.
func Fatal ¶
Fatal prints only fatal error message with no stack trace it will be called for input validation failures
func GetAuditEntry ¶
GetAuditEntry returns Audit entry if set.
func GetAuditKafka ¶
GetAuditKafka - returns a map of registered notification 'kafka' targets
func Init ¶
Init sets the trimStrings to possible GOPATHs and GOROOT directories. Also append github.com/minio/minio This is done to clean up the filename, when stack trace is displayed when an error happens.
func LogAlwaysIf ¶
LogAlwaysIf prints a detailed error message during the execution of the server.
func LogIf ¶
LogIf prints a detailed error message during the execution of the server, if it is not an ignored error.
func LogOnceIf ¶
LogOnceIf - Logs notification errors - once per error. id is a unique identifier for related log messages, refer to cmd/notification.go on how it is used.
func RegisterError ¶
RegisterError registers the specified rendering function. This latter will be called for a pretty rendering of fatal errors.
func SetAuditEntry ¶
SetAuditEntry sets Audit info in the context.
func SetDeploymentID ¶
func SetDeploymentID(deploymentID string)
SetDeploymentID -- Deployment Id from the main package is set here
func SetLoggerHTTP ¶
SetLoggerHTTP helper for migrating older config to newer KV format.
func SetLoggerHTTPAudit ¶
SetLoggerHTTPAudit - helper for migrating older config to newer KV format.
func SetReqInfo ¶
SetReqInfo sets ReqInfo in the context.
func UpdateTargets ¶
UpdateTargets swaps targets with newly loaded ones from the cfg
Types ¶
type Config ¶
type Config struct {
Console Console `json:"console"`
HTTP map[string]http.Config `json:"http"`
AuditWebhook map[string]http.Config `json:"audit"`
AuditKafka map[string]kafka.Config `json:"audit_kafka"`
}
Config console and http logger targets
func LookupConfig ¶
LookupConfig - lookup logger config, override with ENVs if set.
type Logger ¶
type Logger interface {
// contains filtered or unexported methods
}
Logger interface describes the methods that need to be implemented to satisfy the interface requirements.
type ObjectVersion ¶
ObjectVersion object version key/versionId
type ReqInfo ¶
type ReqInfo struct {
RemoteHost string // Client Host/IP
Host string // Node Host/IP
UserAgent string // User Agent
DeploymentID string // x-minio-deployment-id
RequestID string // x-amz-request-id
API string // API name - GetObject PutObject NewMultipartUpload etc.
BucketName string `json:",omitempty"` // Bucket name
ObjectName string `json:",omitempty"` // Object name
VersionID string `json:",omitempty"` // corresponding versionID for the object
Objects []ObjectVersion `json:",omitempty"` // Only set during MultiObject delete handler.
AccessKey string // Access Key
sync.RWMutex
// contains filtered or unexported fields
}
ReqInfo stores the request info.
func NewReqInfo ¶
func NewReqInfo(remoteHost, userAgent, deploymentID, requestID, api, bucket, object string) *ReqInfo
NewReqInfo :
func (*ReqInfo) AppendTags ¶
AppendTags - appends key/val to ReqInfo.tags
func (*ReqInfo) GetTagsMap ¶
GetTagsMap - returns the user defined tags in a map structure
type ResponseWriter ¶
type ResponseWriter struct {
http.ResponseWriter
StatusCode int
// Log body of 4xx or 5xx responses
LogErrBody bool
// Log body of all responses
LogAllBody bool
TimeToFirstByte time.Duration
StartTime time.Time
// contains filtered or unexported fields
}
ResponseWriter - is a wrapper to trap the http response status code.
func NewResponseWriter ¶
func NewResponseWriter(w http.ResponseWriter) *ResponseWriter
NewResponseWriter - returns a wrapped response writer to trap http status codes for auditing purposes.
func (*ResponseWriter) Flush ¶
func (lrw *ResponseWriter) Flush()
Flush - Calls the underlying Flush.
func (*ResponseWriter) Size ¶
func (lrw *ResponseWriter) Size() int
Size - reutrns the number of bytes written
func (*ResponseWriter) WriteHeader ¶
func (lrw *ResponseWriter) WriteHeader(code int)
WriteHeader - writes http status code
type Target ¶
type Target interface {
String() string
Endpoint() string
Init() error
Cancel()
Send(entry interface{}, errKind string) error
}
Target is the entity that we will receive a single log entry and Send it to the log target
e.g. Send the log to a http server
func AuditTargets ¶
func AuditTargets() []Target
AuditTargets returns active audit targets. Returned slice may not be modified in any way.
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.