Merge branch 'sh-add-audit-logging-json-ce' into 'master'
Add support for JSON logging for audit events See merge request gitlab-org/gitlab-ce!22471
This commit is contained in:
commit
c094bdb820
|
@ -17,11 +17,29 @@ class AuditEventService
|
|||
end
|
||||
|
||||
def security_event
|
||||
SecurityEvent.create(
|
||||
log_security_event_to_file
|
||||
log_security_event_to_database
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def base_payload
|
||||
{
|
||||
author_id: @author.id,
|
||||
entity_id: @entity.id,
|
||||
entity_type: @entity.class.name,
|
||||
details: @details
|
||||
)
|
||||
entity_type: @entity.class.name
|
||||
}
|
||||
end
|
||||
|
||||
def file_logger
|
||||
@file_logger ||= Gitlab::AuditJsonLogger.build
|
||||
end
|
||||
|
||||
def log_security_event_to_file
|
||||
file_logger.info(base_payload.merge(@details))
|
||||
end
|
||||
|
||||
def log_security_event_to_database
|
||||
SecurityEvent.create(base_payload.merge(details: @details))
|
||||
end
|
||||
end
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Add support for JSON logging for audit events
|
||||
merge_request: 22471
|
||||
author:
|
||||
type: added
|
|
@ -144,6 +144,20 @@ December 03, 2014 13:20 -> ERROR -> Command failed [1]: /usr/bin/git --git-dir=/
|
|||
error: failed to push some refs to '/Users/vsizov/gitlab-development-kit/repositories/gitlabhq/gitlab_git.git'
|
||||
```
|
||||
|
||||
## `audit_json.log`
|
||||
|
||||
This file lives in `/var/log/gitlab/gitlab-rails/audit_json.log` for
|
||||
Omnibus GitLab packages or in `/home/git/gitlab/log/audit_json.log` for
|
||||
installations from source.
|
||||
|
||||
Changes to group or project settings are logged to this file. For example:
|
||||
|
||||
```json
|
||||
{"severity":"INFO","time":"2018-10-17T17:38:22.523Z","author_id":3,"entity_id":2,"entity_type":"Project","change":"visibility","from":"Private","to":"Public","author_name":"John Doe4","target_id":2,"target_type":"Project","target_details":"namespace2/project2"}
|
||||
{"severity":"INFO","time":"2018-10-17T17:38:22.830Z","author_id":5,"entity_id":3,"entity_type":"Project","change":"name","from":"John Doe7 / project3","to":"John Doe7 / new name","author_name":"John Doe6","target_id":3,"target_type":"Project","target_details":"namespace3/project3"}
|
||||
{"severity":"INFO","time":"2018-10-17T17:38:23.175Z","author_id":7,"entity_id":4,"entity_type":"Project","change":"path","from":"","to":"namespace4/newpath","author_name":"John Doe8","target_id":4,"target_type":"Project","target_details":"namespace4/newpath"}
|
||||
```
|
||||
|
||||
## `sidekiq.log`
|
||||
|
||||
This file lives in `/var/log/gitlab/gitlab-rails/sidekiq.log` for
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
module Gitlab
|
||||
class AuditJsonLogger < Gitlab::JsonLogger
|
||||
def self.file_name_noext
|
||||
'audit_json'
|
||||
end
|
||||
end
|
||||
end
|
|
@ -0,0 +1,26 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'spec_helper'
|
||||
|
||||
describe AuditEventService do
|
||||
let(:project) { create(:project) }
|
||||
let(:user) { create(:user) }
|
||||
let(:project_member) { create(:project_member, user: user) }
|
||||
let(:service) { described_class.new(user, project, { action: :destroy }) }
|
||||
let(:logger) { instance_double(Gitlab::AuditJsonLogger) }
|
||||
|
||||
describe '#security_event' do
|
||||
before do
|
||||
expect(service).to receive(:file_logger).and_return(logger)
|
||||
end
|
||||
|
||||
it 'creates an event and logs to a file' do
|
||||
expect(logger).to receive(:info).with(author_id: user.id,
|
||||
entity_id: project.id,
|
||||
entity_type: "Project",
|
||||
action: :destroy)
|
||||
|
||||
expect { service.security_event }.to change(SecurityEvent, :count).by(1)
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in New Issue