v.io: v.io/x/ref/lib/security/audit

package audit

import "v.io/x/ref/lib/security/audit"

Package audit implements a mechanism for writing auditable events to an audit log.

Typical use would be for tracking sensitive operations like private key usage (NewPrincipal), or sensitive RPC method invocations.


Package Files

auditor.go principal.go

func NewPrincipal

func NewPrincipal(ctx *context.T, auditor Auditor) security.Principal

NewPrincipal returns a security.Principal implementation that logs all private key operations of 'wrapped' to 'auditor' (i.e., all calls to BlessSelf, Bless, MintDischarge and Sign).

type Auditor

type Auditor interface {
    Audit(ctx *context.T, entry Entry) error
}

Auditor is the interface for writing auditable events.

type Entry

type Entry struct {
    // Method being invoked.
    Method string
    // Arguments to the method.
    // Any sensitive data in the arguments should not be included,
    // even if the argument was provided to the real method invocation.
    Arguments []interface{}
    // Result of the method invocation.
    // A common use case is to audit only successful method invocations.
    Results []interface{}

    // Timestamp of method invocation.
    Timestamp time.Time
}

Entry is the information logged on each auditable event.

func (Entry) String

func (e Entry) String() string
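
An added example (not code from the v.io project) of the pattern this package describes: a private-key operation is wrapped so that an Entry reaches an Auditor before the result is released. Entry and Auditor are redeclared locally, with the standard library's context.Context in place of *context.T, so the block runs without the v.io modules. The names auditorFunc, auditedSign and run, the choice to log a digest instead of the message, and the choice to withhold the signature when the audit write fails are assumptions of this example.

```go
package main

import (
	"context"
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
	"time"
)

// Entry and Auditor are stand-ins for the documented types (context.Context replaces *context.T).
type Entry struct {
	Method    string
	Arguments []interface{}
	Results   []interface{}
	Timestamp time.Time
}

type Auditor interface{ Audit(ctx context.Context, entry Entry) error }

// auditorFunc is a hypothetical adapter from a plain function to Auditor.
type auditorFunc func(context.Context, Entry) error
func (f auditorFunc) Audit(ctx context.Context, e Entry) error { return f(ctx, e) }

// auditedSign logs a digest of msg, never msg, and withholds the signature if the audit write fails.
func auditedSign(ctx context.Context, a Auditor, key ed25519.PrivateKey, msg []byte) ([]byte, error) {
	sig := ed25519.Sign(key, msg)
	e := Entry{Method: "Sign", Results: []interface{}{len(sig)}, Timestamp: time.Now(),
		Arguments: []interface{}{fmt.Sprintf("sha256:%x", sha256.Sum256(msg))}}
	if err := a.Audit(ctx, e); err != nil {
		return nil, fmt.Errorf("signature withheld: %w", err)
	}
	return sig, nil
}

// run signs msg with a constructed key; a non-nil logErr simulates a log outage.
func run(msg []byte, logErr error) (verified bool, logged []Entry, err error) {
	priv := ed25519.NewKeyFromSeed(make([]byte, ed25519.SeedSize)) // all-zero seed, demo only
	a := auditorFunc(func(_ context.Context, e Entry) error {
		if logErr == nil {
			logged = append(logged, e)
		}
		return logErr
	})
	sig, err := auditedSign(context.Background(), a, priv, msg)
	return err == nil && ed25519.Verify(priv.Public().(ed25519.PublicKey), msg, sig), logged, err
}

func main() { fmt.Println(run([]byte("constructed payload"), nil)) }
```
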

Package audit imports 6 packages and is imported by 8 packages. Updated 2020-10-22.