
Commit 4a5f8ed

committed
Added configuration options for audit logging
Added configuration options for audit logging using log4j.
1 parent 86fab15 commit 4a5f8ed

5 files changed

Lines changed: 119 additions & 0 deletions


Lines changed: 43 additions & 0 deletions
@@ -0,0 +1,43 @@
1+
/**
2+
* Copyright 2015 Sean Kavanagh - [email protected]
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
package com.keybox.manage.model;
17+
18+
public class AuditWrapper {
19+
20+
User user;
21+
SessionOutput sessionOutput;
22+
23+
public AuditWrapper(User user, SessionOutput sessionOutput) {
24+
this.user=user;
25+
this.sessionOutput=sessionOutput;
26+
}
27+
28+
public User getUser() {
29+
return user;
30+
}
31+
32+
public void setUser(User user) {
33+
this.user = user;
34+
}
35+
36+
public SessionOutput getSessionOutput() {
37+
return sessionOutput;
38+
}
39+
40+
public void setSessionOutput(SessionOutput sessionOutput) {
41+
this.sessionOutput = sessionOutput;
42+
}
43+
}
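Review bot: The fields `user` and `sessionOutput` are declared without an access modifier, so they are package-visible next to the public getters and setters. For a value that is built once and handed to the serializer, `private final User user;` and `private final SessionOutput sessionOutput;` without the setters would be enough; the only construction visible in this commit is `new AuditWrapper(user, sessionOutput)`. A one-line class Javadoc such as `/** Pairs a user with one chunk of session output for audit serialization. */` is also missing.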
Lines changed: 47 additions & 0 deletions
@@ -0,0 +1,47 @@
1+
/**
2+
* Copyright 2015 Sean Kavanagh - [email protected]
3+
*
4+
* Licensed under the Apache License, Version 2.0 (the "License");
5+
* you may not use this file except in compliance with the License.
6+
* You may obtain a copy of the License at
7+
*
8+
* http://www.apache.org/licenses/LICENSE-2.0
9+
*
10+
* Unless required by applicable law or agreed to in writing, software
11+
* distributed under the License is distributed on an "AS IS" BASIS,
12+
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13+
* See the License for the specific language governing permissions and
14+
* limitations under the License.
15+
*/
16+
package com.keybox.manage.util;
17+
18+
import com.google.gson.JsonElement;
19+
import com.google.gson.JsonObject;
20+
import com.google.gson.JsonSerializationContext;
21+
import com.google.gson.JsonSerializer;
22+
import com.keybox.manage.model.AuditWrapper;
23+
import java.lang.reflect.Type;
24+
import java.util.Date;
25+
26+
public class SessionOutputSerializer implements JsonSerializer<Object> {
27+
@Override
28+
public JsonElement serialize(Object src, Type typeOfSrc, JsonSerializationContext context) {
29+
JsonObject object = new JsonObject();
30+
if (typeOfSrc.equals(AuditWrapper.class)) {
31+
AuditWrapper auditWrapper = (AuditWrapper) src;
32+
object.addProperty("user_id", auditWrapper.getUser().getId());
33+
object.addProperty("username", auditWrapper.getUser().getUsername());
34+
object.addProperty("user_type", auditWrapper.getUser().getUserType());
35+
object.addProperty("first_nm", auditWrapper.getUser().getFirstNm());
36+
object.addProperty("last_nm", auditWrapper.getUser().getLastNm());
37+
object.addProperty("email", auditWrapper.getUser().getEmail());
38+
object.addProperty("session_id", auditWrapper.getSessionOutput().getSessionId());
39+
object.addProperty("instance_id", auditWrapper.getSessionOutput().getInstanceId());
40+
object.addProperty("host_id", auditWrapper.getSessionOutput().getId());
41+
object.addProperty("host", auditWrapper.getSessionOutput().getDisplayLabel());
42+
object.addProperty("output", auditWrapper.getSessionOutput().getOutput().toString());
43+
object.addProperty("timestamp", new Date().getTime());
44+
}
45+
return object;
46+
}
47+
}
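Review bot: `SessionOutputSerializer` is declared as `JsonSerializer<Object>` and returns an empty `{}` when `typeOfSrc` is not `AuditWrapper.class`, so a wrongly registered type would emit blank audit records instead of failing. Declaring `public class SessionOutputSerializer implements JsonSerializer<AuditWrapper>` with `serialize(AuditWrapper src, Type typeOfSrc, JsonSerializationContext context)` removes both the cast and the branch. `getUser()`, `getSessionOutput()` and `getOutput()` are dereferenced without null checks; whether callers can pass null is not visible here, but an exception would surface inside the logging call. A class Javadoc stating that `output` is raw terminal output and may contain credentials typed or displayed in the session would tell operators to treat the log destination as sensitive.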

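--- a/src/main/java/com/keybox/manage/util/SessionOutputUtil.java
+++ b/src/main/java/com/keybox/manage/util/SessionOutputUtil.java
@@ -19,6 +19,7 @@
 import com.google.gson.GsonBuilder;
 import com.keybox.common.util.AppConfig;
 import com.keybox.manage.db.SessionAuditDB;
+import com.keybox.manage.model.AuditWrapper;
 import com.keybox.manage.model.SessionOutput;
 import com.keybox.manage.model.User;
 import com.keybox.manage.model.UserSessionsOutput;
@@ -39,7 +40,15 @@ public class SessionOutputUtil {
 
 private static Map<Long, UserSessionsOutput> userSessionsOutputMap = new ConcurrentHashMap<Long, UserSessionsOutput>();
 public static boolean enableInternalAudit = "true".equals(AppConfig.getProperty("enableInternalAudit"));
+private static String auditLogAppender = StringUtils.isNotEmpty(AppConfig.getProperty("auditLogAppender")) ? AppConfig.getProperty("auditLogAppender") : null;
+private static Gson gson = new GsonBuilder().registerTypeAdapter(AuditWrapper.class, new SessionOutputSerializer()).create();
+private static Logger auditLogger = null;
 
+static {
+if (StringUtils.isNotEmpty(auditLogAppender)) {
+auditLogger = LoggerFactory.getLogger(auditLogAppender);
+}
+}
 
 /**
 * removes session for user session
@@ -128,6 +137,10 @@ public static List<SessionOutput> getOutput(Connection con, Long sessionId, User
 
 if (StringUtils.isNotEmpty(sessionOutput.getOutput())) {
 outputList.add(sessionOutput);
+//send to audit logger if set
+if(auditLogger!=null) {
+auditLogger.info(gson.toJson(new AuditWrapper(user, sessionOutput)));
+}
 if(enableInternalAudit) {
 SessionAuditDB.insertTerminalLog(con, sessionOutput);
 }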
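Review bot: `LoggerFactory.getLogger(auditLogAppender)` in the static initializer treats the property value as a logger name and never fails, so a value that matches no `<logger>` in log4j.xml (for instance the appender name `logstash-socket-appender` from the sample) yields a logger that inherits the root level `warn` set in this commit's log4j.xml, and every `auditLogger.info(...)` call in getOutput is then dropped without any indication. A one-time check after the lookup, `if (!auditLogger.isInfoEnabled()) { /* report that audit logging is configured but inactive */ }`, would make that misconfiguration visible at startup. The comment added in KeyBoxConfig.properties should say the value is the logger name, e.g. `#name of the log4j logger that receives audit events (ex: logstash); define the logger and its appender in log4j.xml`. `auditLogAppender` and `gson` are assigned once and could be `final`. The class body and getOutput both continue outside the hunks.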

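--- a/src/main/resources/KeyBoxConfig.properties
+++ b/src/main/resources/KeyBoxConfig.properties
@@ -18,6 +18,8 @@ defaultSSHPassphrase=${randomPassphrase}
 enableInternalAudit=false
 #keep audit logs for in days
 deleteAuditLogAfter=90
+#set an audit log server using log4j (ex: logstash). Edit the log4j.xml to configure appender.
+auditLogAppender=
 #default timeout in minutes for websocket connection (no timeout for <=0)
 websocketTimeout=0
 #enable SSH agent forwarding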

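--- a/src/main/resources/log4j.xml
+++ b/src/main/resources/log4j.xml
@@ -11,6 +11,20 @@
 </layout>
 </appender>
 
+<!--
+<appender name="logstash-socket-appender" class="org.apache.log4j.net.SocketAppender">
+<param name="RemoteHost" value="127.0.0.1"/>
+<param name="Port" value="5300"/>
+<param name="ReconnectionDelay" value="50000"/>
+<param name="Threshold" value="INFO"/>
+</appender>
+
+<logger name="logstash">
+<level value="info"/>
+<appender-ref ref="logstash-socket-appender"/>
+</logger>
+-->
+
 <root>
 <level value="warn"/>
 <appender-ref ref="console"/>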
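Review bot: The sample `<logger name="logstash">` leaves additivity at its default, so once uncommented each audit event is also handed to the root logger's `console` appender, because the root level `warn` does not filter events already accepted by a child logger. Unless that appender sets its own threshold (its definition is mostly outside the hunk), raw terminal output would end up in the application console log as well. Declaring `<logger name="logstash" additivity="false">` keeps audit records on the audit appender only. The log4j 1.x `SocketAppender` sends serialized events over plain TCP without authentication, so a line of text at the top of the commented block such as `RemoteHost other than loopback sends session output unencrypted and unauthenticated; tunnel it or restrict the network path` would help whoever enables it.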
