55 thilo.boehm 1.1 #include <stdlib.h>
56
57 #ifdef PEGASUS_ENABLE_AUDIT_LOGGER
58
59 PEGASUS_USING_STD;
60
61 PEGASUS_NAMESPACE_BEGIN
62
63 static const String providerModuleStatus [] = {
64 "Unknown", "Other", "OK", "Degraded",
65 "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error",
66 "Starting", "Stopping", "Stopped", "In Service", "No Contact",
67 "Lost Communication"};
68
69 Boolean AuditLogger::_auditLogFlag = false;
70
71 AuditLogger::PEGASUS_AUDITLOGINITIALIZE_CALLBACK_T
72 AuditLogger::_auditLogInitializeCallback = 0;
73
74 AuditLogger::PEGASUS_AUDITLOG_CALLBACK_T AuditLogger::_writeAuditMessage =
75 AuditLogger::_writeAuditMessageToLog;
76 thilo.boehm 1.1
77 void AuditLogger::logCurrentConfig(
78 const Array<String> & propertyNames,
79 const Array<String> & propertyValues)
80 {
81 for (Uint32 i = 0; i < propertyNames.size(); i++)
82 {
83 String propertyStr = propertyNames[i] + "=" + propertyValues[i];
84
85 MessageLoaderParms msgParms("Common.AuditLogger.CURRENT_CONFIG",
86 "cimserver configuration $0", propertyStr);
87
88 _writeAuditMessage(TYPE_CONFIGURATION,
89 SUBTYPE_CURRENT_CONFIGURATION,
90 EVENT_START_UP, Logger::INFORMATION, msgParms);
91 }
92 }
93
94 void AuditLogger::logCurrentRegProvider(
95 const Array < CIMInstance > & instances)
96 {
97 thilo.boehm 1.1 String moduleName;
98 Array<Uint16> moduleStatus;
99 String statusValue;
100 Uint32 pos;
101
102 // get all the registered provider module names and status
103 for (Uint32 i = 0; i <instances.size(); i++)
104 {
105 instances[i].getProperty(instances[i].findProperty(
106 _PROPERTY_PROVIDERMODULE_NAME)).getValue().get(moduleName);
107
108 pos = instances[i].findProperty(_PROPERTY_OPERATIONALSTATUS);
109
110 if (pos == PEG_NOT_FOUND)
111 {
112 moduleStatus.append(0);
113 }
114 else
115 {
116 CIMValue theValue = instances[i].getProperty(pos).getValue();
117
118 thilo.boehm 1.1 if (theValue.isNull())
119 {
120 moduleStatus.append(0);
121 }
122 else
123 {
124 theValue.get(moduleStatus);
125 }
126 }
127
128 statusValue = _getModuleStatusValue(moduleStatus);
129
130 MessageLoaderParms msgParms(
131 "Common.AuditLogger.CURRENT_PROVIDER_REGISTRATION",
132 "Provider module \"$0\" has status \"$1\".",
133 moduleName, statusValue);
134
135 _writeAuditMessage(TYPE_CONFIGURATION,
136 SUBTYPE_CURRENT_PROVIDER_REGISTRATION,
137 EVENT_START_UP, Logger::INFORMATION, msgParms);
138 }
139 thilo.boehm 1.1 }
140
141 void AuditLogger::logCurrentEnvironmentVar()
142 {
143 #ifdef PEGASUS_OS_DARWIN
144 char** envp = *_NSGetEnviron();
145 #else
146 char** envp = environ;
147 #endif
148
149 Uint32 i = 0;
150
151 while (envp[i])
152 {
153 MessageLoaderParms msgParms("Common.AuditLogger.CURRENT_ENV",
154 "cimserver environment variable: $0", envp[i]);
155
156 _writeAuditMessage(TYPE_CONFIGURATION,
157 SUBTYPE_CURRENT_ENVIRONMENT_VARIABLES,
158 EVENT_START_UP, Logger::INFORMATION, msgParms);
159
160 thilo.boehm 1.1 i++;
161 }
162 }
163
164 void AuditLogger::logSetConfigProperty(
165 const String & userName,
166 const String & propertyName,
167 const String & prePropertyValue,
168 const String & newPropertyValue,
169 Boolean isPlanned)
170 {
171 if (isPlanned)
172 {
173 MessageLoaderParms msgParms(
174 "Common.AuditLogger.SET_PLANNED_CONFIG_PROPERTY",
175 "The planned value of property \"$0\" is modified from "
176 "value \"$1\" to value \"$2\" by user \"$3\".",
177 propertyName, prePropertyValue, newPropertyValue, userName);
178
179 _writeAuditMessage(TYPE_CONFIGURATION,
180 SUBTYPE_CONFIGURATION_CHANGE,
181 thilo.boehm 1.1 EVENT_UPDATE, Logger::INFORMATION, msgParms);
182 }
183 else
184 {
185 MessageLoaderParms msgParms(
186 "Common.AuditLogger.SET_CURRENT_CONFIG_PROPERTY",
187 "The current value of property \"$0\" is modified from "
188 "value \"$1\" to value \"$2\" by user \"$3\".",
189 propertyName, prePropertyValue, newPropertyValue, userName);
190
191 _writeAuditMessage(TYPE_CONFIGURATION,
192 SUBTYPE_CONFIGURATION_CHANGE,
193 EVENT_UPDATE, Logger::INFORMATION, msgParms);
194 }
195 }
196
197 void AuditLogger::logUpdateClassOperation(
198 const char* cimMethodName,
199 AuditEvent eventType,
200 const String& userName,
201 const String& ipAddr,
202 thilo.boehm 1.1 const CIMNamespaceName& nameSpace,
203 const CIMName& className,
204 CIMStatusCode statusCode)
205 {
206 MessageLoaderParms msgParms(
207 "Common.AuditLogger.OPERATION_UPDATE_CLASS",
208 "A CIM $0 operation on class \"$1\" in namespace \"$2\" by user "
209 "\"$3\" connected from system \"$4\" resulted in status \"$5\".",
210 cimMethodName,
211 className.getString(),
212 nameSpace.getString(),
213 userName,
214 ipAddr,
215 cimStatusCodeToString(statusCode));
216
217 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_SCHEMA_OPERATION,
218 eventType, Logger::INFORMATION, msgParms);
219 }
220
221 void AuditLogger::logUpdateQualifierOperation(
222 const char* cimMethodName,
223 thilo.boehm 1.1 AuditEvent eventType,
224 const String& userName,
225 const String& ipAddr,
226 const CIMNamespaceName& nameSpace,
227 const CIMName& className,
228 CIMStatusCode statusCode)
229 {
230 MessageLoaderParms msgParms(
231 "Common.AuditLogger.OPERATION_UPDATE_QUALIFIER",
232 "A CIM $0 operation on qualifier \"$1\" in namespace \"$2\" by user "
233 "\"$3\" connected from system \"$4\" resulted in status \"$5\".",
234 cimMethodName,
235 className.getString(),
236 nameSpace.getString(),
237 userName,
238 ipAddr,
239 cimStatusCodeToString(statusCode));
240
241 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_SCHEMA_OPERATION,
242 eventType, Logger::INFORMATION, msgParms);
243 }
244 thilo.boehm 1.1
245 void AuditLogger::logUpdateInstanceOperation(
246 const char* cimMethodName,
247 AuditEvent eventType,
248 const String& userName,
249 const String& ipAddr,
250 const CIMNamespaceName& nameSpace,
251 const CIMObjectPath& instanceName,
252 const String& moduleName,
253 const String& providerName,
254 CIMStatusCode statusCode)
255 {
256 if (providerName != String::EMPTY)
257 {
258 MessageLoaderParms msgParms(
259 "Common.AuditLogger.OPERATION_UPDATE_INSTANCE_WITH_PROVIDER",
260 "A CIM $0 operation on instance \"$1\" in namespace \"$2\" by "
261 "user \"$3\" connected from system \"$4\" resulted in "
262 "status \"$5\". "
263 "The provider for this operation is \"$6\" in module \"$7\".",
264 cimMethodName,
265 thilo.boehm 1.1 CIMObjectPath("", CIMNamespaceName(), instanceName.getClassName(),
266 instanceName.getKeyBindings()).toString(),
267 nameSpace.getString(),
268 userName,
269 ipAddr,
270 cimStatusCodeToString(statusCode),
271 providerName,
272 moduleName);
273
274 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_INSTANCE_OPERATION,
275 eventType, Logger::INFORMATION, msgParms);
276 }
277 else
278 {
279 MessageLoaderParms msgParms(
280 "Common.AuditLogger.OPERATION_UPDATE_INSTANCE",
281 "A CIM $0 operation on instance \"$1\" in namespace \"$2\" by "
282 "user \"$3\" connected from system \"$4\" resulted in "
283 "status \"$5\". ",
284 cimMethodName,
285 CIMObjectPath("", CIMNamespaceName(), instanceName.getClassName(),
286 thilo.boehm 1.1 instanceName.getKeyBindings()).toString(),
287 nameSpace.getString(),
288 userName,
289 ipAddr,
290 cimStatusCodeToString(statusCode));
291
292 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_INSTANCE_OPERATION,
293 eventType, Logger::INFORMATION, msgParms);
294 }
295 }
296
297 void AuditLogger::logInvokeMethodOperation(
298 const String& userName,
299 const String& ipAddr,
300 const CIMNamespaceName& nameSpace,
301 const CIMObjectPath& objectName,
302 const CIMName& methodName,
303 const String& moduleName,
304 const String& providerName,
305 CIMStatusCode statusCode)
306 {
307 thilo.boehm 1.1 if (providerName != String::EMPTY)
308 {
309 MessageLoaderParms msgParms(
310 "Common.AuditLogger.OPERATION_INVOKE_METHOD_WITH_PROVIDER",
311 "A CIM InvokeMethod operation on method \"$0\" of object \"$1\" "
312 "in namespace \"$2\" by user \"$3\" connected from system "
313 "\"$4\" resulted in status \"$5\". The provider for this "
314 "operation is \"$6\" in module \"$7\".",
315 methodName.getString(),
316 CIMObjectPath("", CIMNamespaceName(), objectName.getClassName(),
317 objectName.getKeyBindings()).toString(),
318 nameSpace.getString(),
319 userName,
320 ipAddr,
321 cimStatusCodeToString(statusCode),
322 providerName,
323 moduleName);
324
325 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_INSTANCE_OPERATION,
326 EVENT_INVOKE, Logger::INFORMATION, msgParms);
327 }
328 thilo.boehm 1.1 else
329 {
330 MessageLoaderParms msgParms(
331 "Common.AuditLogger.OPERATION_INVOKE_METHOD",
332 "A CIM InvokeMethod operation on method \"$0\" of object \"$1\" "
333 "in namespace \"$2\" by user \"$3\" connected from system "
334 "\"$4\" resulted in status \"$5\".",
335 methodName.getString(),
336 CIMObjectPath("", CIMNamespaceName(), objectName.getClassName(),
337 objectName.getKeyBindings()).toString(),
338 nameSpace.getString(),
339 userName,
340 ipAddr,
341 cimStatusCodeToString(statusCode));
342
343 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_INSTANCE_OPERATION,
344 EVENT_INVOKE, Logger::INFORMATION, msgParms);
345 }
346 }
347
348 void AuditLogger::logUpdateProvModuleStatus(
349 thilo.boehm 1.1 const String & moduleName,
350 const Array<Uint16> currentModuleStatus,
351 const Array<Uint16> newModuleStatus)
352 {
353 String currentModuleStatusValue =
354 _getModuleStatusValue(currentModuleStatus);
355
356 String newModuleStatusValue = _getModuleStatusValue(newModuleStatus);
357
358 MessageLoaderParms msgParms(
359 "Common.AuditLogger.UPDATE_PROVIDER_MODULE_STATUS",
360 "The operational status of module \"$0\" has changed from \"$1\""
361 " to \"$2\".",
362 moduleName, currentModuleStatusValue, newModuleStatusValue);
363
364 _writeAuditMessage(TYPE_CONFIGURATION,
365 SUBTYPE_PROVIDER_MODULE_STATUS_CHANGE,
366 EVENT_UPDATE, Logger::INFORMATION, msgParms);
367 }
368
369 void AuditLogger::logLocalAuthentication(
370 thilo.boehm 1.1 const String& userName,
371 Boolean successful)
372 {
373 MessageLoaderParms msgParms(
374 "Common.AuditLogger.LOCAL_AUTHENTICATION",
375 "Local authentication attempt: "
376 "successful = $0, user = $1. ",
377 CIMValue(successful).toString(),
378 userName);
379
380 _writeAuditMessage(
381 TYPE_AUTHENTICATION,
382 SUBTYPE_LOCAL_AUTHENTICATION,
383 successful ? EVENT_AUTH_SUCCESS : EVENT_AUTH_FAILURE,
384 successful ? Logger::INFORMATION : Logger::WARNING,
385 msgParms);
386 }
387
388 void AuditLogger::logBasicAuthentication(
389 const String& userName,
390 const String& ipAddr,
391 thilo.boehm 1.1 Boolean successful)
392 {
393 MessageLoaderParms msgParms(
394 "Common.AuditLogger.BASIC_AUTHENTICATION",
395 "Basic authentication attempt: "
|