384641194a
This change introduces a new audit subsystem that allows tracking and logging of database operations for security and compliance purposes. Key features include: - Configurable audit logging to either syslog or a dedicated system table (audit.audit_log) - Selective auditing based on: - Operation categories (QUERY, DML, DDL, DCL, AUTH, ADMIN) - Specific keyspaces - Specific tables - New configuration options: - audit: Controls audit destination (none/syslog/table) - audit_categories: Comma-separated list of operation categories to audit - audit_tables: Specific tables to audit - audit_keyspaces: Specific keyspaces to audit - audit_unix_socket_path: Path for syslog socket - audit_syslog_write_buffer_size: Buffer size for syslog writes The audit logs capture details including: - Operation timestamp - Node and client IP addresses - Operation category and query - Username - Success/failure status - Affected keyspace and table names
68 lines
2.1 KiB
C++
68 lines
2.1 KiB
C++
/*
|
|
* Copyright (C) 2017 ScyllaDB
|
|
*/
|
|
|
|
/*
|
|
* SPDX-License-Identifier: LicenseRef-ScyllaDB-Source-Available-1.0
|
|
*/
|
|
#pragma once
|
|
|
|
#include "audit/audit.hh"
|
|
#include "table_helper.hh"
|
|
#include "storage_helper.hh"
|
|
#include "db/config.hh"
|
|
#include "service/raft/raft_group0_client.hh"
|
|
|
|
namespace cql3 {
|
|
|
|
class query_processor;
|
|
|
|
}
|
|
|
|
namespace service {
|
|
|
|
class migration_manager;
|
|
|
|
}
|
|
|
|
namespace audit {
|
|
|
|
class audit_cf_storage_helper : public storage_helper {
|
|
static const sstring KEYSPACE_NAME;
|
|
static const sstring TABLE_NAME;
|
|
cql3::query_processor& _qp;
|
|
service::migration_manager& _mm;
|
|
table_helper _table;
|
|
service::query_state _dummy_query_state;
|
|
static cql3::query_options make_data(const audit_info* audit_info,
|
|
socket_address node_ip,
|
|
socket_address client_ip,
|
|
db::consistency_level cl,
|
|
const sstring& username,
|
|
bool error);
|
|
static cql3::query_options make_login_data(socket_address node_ip,
|
|
socket_address client_ip,
|
|
const sstring& username,
|
|
bool error);
|
|
|
|
future<> migrate_audit_table(service::group0_guard guard);
|
|
|
|
public:
|
|
explicit audit_cf_storage_helper(cql3::query_processor& qp, service::migration_manager& mm);
|
|
virtual ~audit_cf_storage_helper() {}
|
|
virtual future<> start(const db::config& cfg) override;
|
|
virtual future<> stop() override;
|
|
virtual future<> write(const audit_info* audit_info,
|
|
socket_address node_ip,
|
|
socket_address client_ip,
|
|
db::consistency_level cl,
|
|
const sstring& username,
|
|
bool error) override;
|
|
virtual future<> write_login(const sstring& username,
|
|
socket_address node_ip,
|
|
socket_address client_ip,
|
|
bool error) override;
|
|
};
|
|
|
|
}
|