//%2006//////////////////////////////////////////////////////////////////////// // // Copyright (c) 2000, 2001, 2002 BMC Software; Hewlett-Packard Development // Company, L.P.; IBM Corp.; The Open Group; Tivoli Systems. // Copyright (c) 2003 BMC Software; Hewlett-Packard Development Company, L.P.; // IBM Corp.; EMC Corporation, The Open Group. // Copyright (c) 2004 BMC Software; Hewlett-Packard Development Company, L.P.; // IBM Corp.; EMC Corporation; VERITAS Software Corporation; The Open Group. // Copyright (c) 2005 Hewlett-Packard Development Company, L.P.; IBM Corp.; // EMC Corporation; VERITAS Software Corporation; The Open Group. // Copyright (c) 2006 Hewlett-Packard Development Company, L.P.; IBM Corp.; // EMC Corporation; Symantec Corporation; The Open Group. // // Permission is hereby granted, free of charge, to any person obtaining a copy // of this software and associated documentation files (the "Software"), to // deal in the Software without restriction, including without limitation the // rights to use, copy, modify, merge, publish, distribute, sublicense, and/or // sell copies of the Software, and to permit persons to whom the Software is // furnished to do so, subject to the following conditions: // // THE ABOVE COPYRIGHT NOTICE AND THIS PERMISSION NOTICE SHALL BE INCLUDED IN // ALL COPIES OR SUBSTANTIAL PORTIONS OF THE SOFTWARE. THE SOFTWARE IS PROVIDED // "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT // LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR // PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN // ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION // WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. // //============================================================================== // //%///////////////////////////////////////////////////////////////////////////// #ifndef Pegasus_AuditLogger_h #define Pegasus_AuditLogger_h #include #include #include #include PEGASUS_NAMESPACE_BEGIN #ifndef PEGASUS_DISABLE_AUDIT_LOGGER /** This class provides the interfaces to construct a human readable audit text message and write the message to log files. */ class PEGASUS_COMMON_LINKAGE AuditLogger { public: enum AuditType { TYPE_AUTHENTICATION, TYPE_AUTHORIZATION, TYPE_CONFIGURATION, TYPE_CIMOPERATION }; enum AuditSubType { SUBTYPE_LOCAL_AUTHENTICATION, SUBTYPE_BASIC_AUTHENTICATION, SUBTYPE_CERTIFICATE_BASED_AUTHENTICATION, SUBTYPE_USER_GROUP_AUTHORIZATION, SUBTYPE_NAMESPACE_AUTHORIZATION, SUBTYPE_PRIVILEGED_USER_CHECK, SUBTYPE_TRUSTSTORE_CHANGE, SUBTYPE_CURRENT_CONFIGURATION, SUBTYPE_CURRENT_PROVIDER_REGISTRATION, SUBTYPE_CURRENT_ENVIRONMENT_VARIABLES, SUBTYPE_CONFIGURATION_CHANGE, SUBTYPE_PROVIDER_REGISTRATION_CHANGE, SUBTYPE_PROVIDER_MODULE_STATUS_CHANGE, SUBTYPE_SCHEMA_OPERATION, SUBTYPE_INSTANCE_OPERATION, SUBTYPE_INDICATION_OPERATION }; enum AuditEvent { EVENT_START_UP, EVENT_AUTH_SUCCESS, EVENT_AUTH_FAILURE, EVENT_CREATE, EVENT_UPDATE, EVENT_DELETE, EVENT_INVOKE }; /** Constructs and logs audit message of the current configurations @param propertyNames - All the current property names while the CIM Server is running @param propertyValues - All the current property values while the CIM Server is running */ static void logCurrentConfig( const Array& propertyNames, const Array& propertyValues); /** Constructs and logs audit message of the currently registered providers while the CIM Server is running @param instances - all currently registered provider module instances while the CIM Server is running */ static void logCurrentRegProvider( const Array < CIMInstance > & instances); /** Constructs and logs audit message of the current environment variables while the CIM Server is running */ static void logCurrentEnvironmentVar(); /** Constructs and logs audit message of setting the specified configuration property to the specified value or unset the specified configuration property to the default value @param userName - The user name for this operation @param propertyName - The specified configuration property name @param prePropertyValue - The previous value of the changed config property @param newPropertyValue - The new value of the changed config property or default value if it is unset @param isPlanned - True, sets planned value of the specified configuration property; Otherwise, sets current value of the specified configuration property */ static void logSetConfigProperty( const String & userName, const String & propertyName, const String & prePropertyValue, const String & newPropertyValue, Boolean isPlanned); /** Constructs and logs audit message of a CIM class update operation @param cimMethodName - The name of the CIM operation performed @param eventType - The AuditEvent associated with the CIM operation @param userName - User name for this operation @param ipAddr - Client IP address for this operation @param nameSpace - The namespace for the operation @param className - The name of the class @param statusCode - The CIM status code for the operation */ static void logUpdateClassOperation( const char* cimMethodName, AuditEvent eventType, const String& userName, const String& ipAddr, const CIMNamespaceName& nameSpace, const CIMName& className, CIMStatusCode statusCode); /** Constructs and logs audit message of a CIM qualifier update operation @param cimMethodName - The name of the CIM operation performed @param eventType - The AuditEvent associated with the CIM operation @param userName - User name for this operation @param ipAddr - Client IP address for this operation @param nameSpace - The namespace for the operation @param name - The name of the qualifier @param statusCode - The CIM status code for the operation */ static void logUpdateQualifierOperation( const char* cimMethodName, AuditEvent eventType, const String& userName, const String& ipAddr, const CIMNamespaceName& nameSpace, const CIMName& name, CIMStatusCode statusCode); /** Constructs and logs audit message of a CIM instance update operation @param cimMethodName - The name of the CIM operation performed @param eventType - The AuditEvent associated with the CIM operation @param userName - The user name for this operation @param ipAddr - Client IP address for this operation @param nameSpace - The namespace for the operation @param instanceName - The name of the affected instance @param moduleName - The provider module name that serves the request @param providerName - The provider name that serves the request @param statusCode - The CIM status code for the operation */ static void logUpdateInstanceOperation( const char* cimMethodName, AuditEvent eventType, const String& userName, const String& ipAddr, const CIMNamespaceName& nameSpace, const CIMObjectPath& instanceName, const String& moduleName, const String& providerName, CIMStatusCode statusCode); /** Constructs and logs audit message of a CIM InvokeMethod operation @param userName - The user name for this operation @param ipAddr - Client IP address for this operation @param nameSpace - The namespace for the operation @param objectName - The name of the object on which the method is invoked @param methodName - The name of the method to be executed @param moduleName - The provider module name that serves the request @param providerName - The provider name that serves the request @param statusCode - The CIM status code for the operation */ static void logInvokeMethodOperation( const String& userName, const String& ipAddr, const CIMNamespaceName& nameSpace, const CIMObjectPath& objectName, const CIMName& methodName, const String& moduleName, const String& providerName, CIMStatusCode statusCode); /** Constructs and logs audit message of a provider module status change @param moduleName - The name of the provider module @param currentModuleStatus - The current status of the provider module @param newModuleStatus - The new status of the provider module */ static void logUpdateProvModuleStatus( const String & moduleName, const Array currentModuleStatus, const Array newModuleStatus); /** Constructs and logs audit message of local authentication @param userName - The user name for this operation @param successful - True on successful basic authentication, false otherwise */ static void logLocalAuthentication( const String& userName, Boolean successful); /** Constructs and logs audit message of basic authentication @param userName - The user name for this operation @param ipAddr - Client IP address for this operation @param successful - True on successful basic authentication, false otherwise */ static void logBasicAuthentication( const String& userName, const String& ipAddr, Boolean successful); typedef void (*PEGASUS_AUDITLOGINITIALIZE_CALLBACK_T)(); typedef void (*PEGASUS_AUDITLOG_CALLBACK_T) (AuditType, AuditSubType, AuditEvent, Uint32, MessageLoaderParms &); /** Registers an audit log initialize callback If a non-null initialize callback function is registered, it will be called when the audit log is enabled. @param auditLogInitializeCallback - The audit log initialize callback function */ static void setInitializeCallback( PEGASUS_AUDITLOGINITIALIZE_CALLBACK_T auditLogInitializeCallback); /** If the enabled is true, the audit log initialize callback function is called to communicate that the audit log is enabled. @param enabled - True on config property "enableAuditLog" is enabled, false otherwise */ static void setEnabled(Boolean enabled); static Boolean isEnabled(); /** Registers writing audit messages to a file callback @param writeAuditMessageCallback - The callback function to write audit message */ static void writeAuditLogToFileCallback( PEGASUS_AUDITLOG_CALLBACK_T writeAuditMessageCallback); private: static Boolean _auditLogFlag; /** Callback function to be called when the audit log is enabled */ static PEGASUS_AUDITLOGINITIALIZE_CALLBACK_T _auditLogInitializeCallback; /** The function to write audit messages */ static PEGASUS_AUDITLOG_CALLBACK_T _writeAuditMessageToFile; /** Default function to write a auditMessage to a file @param AuditType - Type of audit record (Authentication etc) @param AuditSubType - Sub type of audit record(Local_Authentication etc) @param AuditEvent - Event of audit record (Start_Up etc) @param logLevel - Pegasus Severity (WARNING etc) All the audit messages are passed with pegasus severity "INFORMATION", except authentication attempts failed messages or authorization failed messages are passed with pegasus severity "WARNING" @param msgParms - The message loader parameters */ static void _writeAuditMessage( AuditType auditType, AuditSubType auditSubType, AuditEvent auditEvent, Uint32 logLevel, MessageLoaderParms & msgParms); /** gets module status value @param moduleStatus - The module status */ static String _getModuleStatusValue(const Array moduleStatus); }; inline Boolean AuditLogger::isEnabled() { return _auditLogFlag; } # define PEG_AUDIT_LOG(T) \ do \ { \ if (AuditLogger::isEnabled()) \ { \ AuditLogger::T; \ } \ } \ while (0) #else # define PEG_AUDIT_LOG(T) #endif PEGASUS_NAMESPACE_END #endif /* Pegasus_AuditLogger_h */