63 thilo.boehm 1.1 PEGASUS_USING_STD;
64
65 PEGASUS_NAMESPACE_BEGIN
66
67 static const String providerModuleStatus [] = {
68 "Unknown", "Other", "OK", "Degraded",
69 "Stressed", "Predictive Failure", "Error", "Non-Recoverable Error",
70 "Starting", "Stopping", "Stopped", "In Service", "No Contact",
71 "Lost Communication"};
72
73 Boolean AuditLogger::_auditLogFlag = false;
74
75 AuditLogger::PEGASUS_AUDITLOGINITIALIZE_CALLBACK_T
76 AuditLogger::_auditLogInitializeCallback = 0;
77
78 AuditLogger::PEGASUS_AUDITLOG_CALLBACK_T AuditLogger::_writeAuditMessage =
79 AuditLogger::_writeAuditMessageToLog;
80
81 void AuditLogger::logCurrentConfig(
82 const Array<String> & propertyNames,
83 const Array<String> & propertyValues)
84 thilo.boehm 1.1 {
85 for (Uint32 i = 0; i < propertyNames.size(); i++)
86 {
87 String propertyStr = propertyNames[i] + "=" + propertyValues[i];
88
89 MessageLoaderParms msgParms("Common.AuditLogger.CURRENT_CONFIG",
90 "cimserver configuration $0", propertyStr);
91
92 _writeAuditMessage(TYPE_CONFIGURATION,
93 SUBTYPE_CURRENT_CONFIGURATION,
94 EVENT_START_UP, Logger::INFORMATION, msgParms);
95 }
96 }
97
98 void AuditLogger::logCurrentRegProvider(
99 const Array < CIMInstance > & instances)
100 {
101 String moduleName;
102 Array<Uint16> moduleStatus;
103 String statusValue;
104 Uint32 pos;
105 thilo.boehm 1.1
106 // get all the registered provider module names and status
107 for (Uint32 i = 0; i <instances.size(); i++)
108 {
109 instances[i].getProperty(instances[i].findProperty(
110 _PROPERTY_PROVIDERMODULE_NAME)).getValue().get(moduleName);
111
112 pos = instances[i].findProperty(_PROPERTY_OPERATIONALSTATUS);
113
114 if (pos == PEG_NOT_FOUND)
115 {
116 moduleStatus.append(0);
117 }
118 else
119 {
120 CIMValue theValue = instances[i].getProperty(pos).getValue();
121
122 if (theValue.isNull())
123 {
124 moduleStatus.append(0);
125 }
126 thilo.boehm 1.1 else
127 {
128 theValue.get(moduleStatus);
129 }
130 }
131
132 statusValue = _getModuleStatusValue(moduleStatus);
133
134 MessageLoaderParms msgParms(
135 "Common.AuditLogger.CURRENT_PROVIDER_REGISTRATION",
136 "Provider module \"$0\" has status \"$1\".",
137 moduleName, statusValue);
138
139 _writeAuditMessage(TYPE_CONFIGURATION,
140 SUBTYPE_CURRENT_PROVIDER_REGISTRATION,
141 EVENT_START_UP, Logger::INFORMATION, msgParms);
142 }
143 }
144
145 void AuditLogger::logCurrentEnvironmentVar()
146 {
147 thilo.boehm 1.1 #ifdef PEGASUS_OS_DARWIN
148 char** envp = *_NSGetEnviron();
149 #else
150 char** envp = environ;
151 #endif
152
153 Uint32 i = 0;
154
155 while (envp[i])
156 {
157 MessageLoaderParms msgParms("Common.AuditLogger.CURRENT_ENV",
158 "cimserver environment variable: $0", envp[i]);
159
160 _writeAuditMessage(TYPE_CONFIGURATION,
161 SUBTYPE_CURRENT_ENVIRONMENT_VARIABLES,
162 EVENT_START_UP, Logger::INFORMATION, msgParms);
163
164 i++;
165 }
166 }
167
168 thilo.boehm 1.1 void AuditLogger::logSetConfigProperty(
169 const String & userName,
170 const String & propertyName,
171 const String & prePropertyValue,
172 const String & newPropertyValue,
173 Boolean isPlanned)
174 {
175 if (isPlanned)
176 {
177 MessageLoaderParms msgParms(
178 "Common.AuditLogger.SET_PLANNED_CONFIG_PROPERTY",
179 "The planned value of property \"$0\" is modified from "
180 "value \"$1\" to value \"$2\" by user \"$3\".",
181 propertyName, prePropertyValue, newPropertyValue, userName);
182
183 _writeAuditMessage(TYPE_CONFIGURATION,
184 SUBTYPE_CONFIGURATION_CHANGE,
185 EVENT_UPDATE, Logger::INFORMATION, msgParms);
186 }
187 else
188 {
189 thilo.boehm 1.1 MessageLoaderParms msgParms(
190 "Common.AuditLogger.SET_CURRENT_CONFIG_PROPERTY",
191 "The current value of property \"$0\" is modified from "
192 "value \"$1\" to value \"$2\" by user \"$3\".",
193 propertyName, prePropertyValue, newPropertyValue, userName);
194
195 _writeAuditMessage(TYPE_CONFIGURATION,
196 SUBTYPE_CONFIGURATION_CHANGE,
197 EVENT_UPDATE, Logger::INFORMATION, msgParms);
198 }
199 }
200
201 void AuditLogger::logUpdateClassOperation(
202 const char* cimMethodName,
203 AuditEvent eventType,
204 const String& userName,
205 const String& ipAddr,
206 const CIMNamespaceName& nameSpace,
207 const CIMName& className,
208 CIMStatusCode statusCode)
209 {
210 thilo.boehm 1.1 MessageLoaderParms msgParms(
211 "Common.AuditLogger.OPERATION_UPDATE_CLASS",
212 "A CIM $0 operation on class \"$1\" in namespace \"$2\" by user "
213 "\"$3\" connected from system \"$4\" resulted in status \"$5\".",
214 cimMethodName,
215 className.getString(),
216 nameSpace.getString(),
217 userName,
218 ipAddr,
219 cimStatusCodeToString(statusCode));
220
221 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_SCHEMA_OPERATION,
222 eventType, Logger::INFORMATION, msgParms);
223 }
224
225 void AuditLogger::logUpdateQualifierOperation(
226 const char* cimMethodName,
227 AuditEvent eventType,
228 const String& userName,
229 const String& ipAddr,
230 const CIMNamespaceName& nameSpace,
231 thilo.boehm 1.1 const CIMName& className,
232 CIMStatusCode statusCode)
233 {
234 MessageLoaderParms msgParms(
235 "Common.AuditLogger.OPERATION_UPDATE_QUALIFIER",
236 "A CIM $0 operation on qualifier \"$1\" in namespace \"$2\" by user "
237 "\"$3\" connected from system \"$4\" resulted in status \"$5\".",
238 cimMethodName,
239 className.getString(),
240 nameSpace.getString(),
241 userName,
242 ipAddr,
243 cimStatusCodeToString(statusCode));
244
245 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_SCHEMA_OPERATION,
246 eventType, Logger::INFORMATION, msgParms);
247 }
248
249 void AuditLogger::logUpdateInstanceOperation(
250 const char* cimMethodName,
251 AuditEvent eventType,
252 thilo.boehm 1.1 const String& userName,
253 const String& ipAddr,
254 const CIMNamespaceName& nameSpace,
255 const CIMObjectPath& instanceName,
256 const String& moduleName,
257 const String& providerName,
258 CIMStatusCode statusCode)
259 {
260 if (providerName != String::EMPTY)
261 {
262 MessageLoaderParms msgParms(
263 "Common.AuditLogger.OPERATION_UPDATE_INSTANCE_WITH_PROVIDER",
264 "A CIM $0 operation on instance \"$1\" in namespace \"$2\" by "
265 "user \"$3\" connected from system \"$4\" resulted in "
266 "status \"$5\". "
267 "The provider for this operation is \"$6\" in module \"$7\".",
268 cimMethodName,
269 CIMObjectPath("", CIMNamespaceName(), instanceName.getClassName(),
270 instanceName.getKeyBindings()).toString(),
271 nameSpace.getString(),
272 userName,
273 thilo.boehm 1.1 ipAddr,
274 cimStatusCodeToString(statusCode),
275 providerName,
276 moduleName);
277
278 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_INSTANCE_OPERATION,
279 eventType, Logger::INFORMATION, msgParms);
280 }
281 else
282 {
283 MessageLoaderParms msgParms(
284 "Common.AuditLogger.OPERATION_UPDATE_INSTANCE",
285 "A CIM $0 operation on instance \"$1\" in namespace \"$2\" by "
286 "user \"$3\" connected from system \"$4\" resulted in "
287 "status \"$5\". ",
288 cimMethodName,
289 CIMObjectPath("", CIMNamespaceName(), instanceName.getClassName(),
290 instanceName.getKeyBindings()).toString(),
291 nameSpace.getString(),
292 userName,
293 ipAddr,
294 thilo.boehm 1.1 cimStatusCodeToString(statusCode));
295
296 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_INSTANCE_OPERATION,
297 eventType, Logger::INFORMATION, msgParms);
298 }
299 }
300
301 void AuditLogger::logInvokeMethodOperation(
302 const String& userName,
303 const String& ipAddr,
304 const CIMNamespaceName& nameSpace,
305 const CIMObjectPath& objectName,
306 const CIMName& methodName,
307 const String& moduleName,
308 const String& providerName,
309 CIMStatusCode statusCode)
310 {
311 if (providerName != String::EMPTY)
312 {
313 MessageLoaderParms msgParms(
314 "Common.AuditLogger.OPERATION_INVOKE_METHOD_WITH_PROVIDER",
315 thilo.boehm 1.1 "A CIM InvokeMethod operation on method \"$0\" of object \"$1\" "
316 "in namespace \"$2\" by user \"$3\" connected from system "
317 "\"$4\" resulted in status \"$5\". The provider for this "
318 "operation is \"$6\" in module \"$7\".",
319 methodName.getString(),
320 CIMObjectPath("", CIMNamespaceName(), objectName.getClassName(),
321 objectName.getKeyBindings()).toString(),
322 nameSpace.getString(),
323 userName,
324 ipAddr,
325 cimStatusCodeToString(statusCode),
326 providerName,
327 moduleName);
328
329 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_INSTANCE_OPERATION,
330 EVENT_INVOKE, Logger::INFORMATION, msgParms);
331 }
332 else
333 {
334 MessageLoaderParms msgParms(
335 "Common.AuditLogger.OPERATION_INVOKE_METHOD",
336 thilo.boehm 1.1 "A CIM InvokeMethod operation on method \"$0\" of object \"$1\" "
337 "in namespace \"$2\" by user \"$3\" connected from system "
338 "\"$4\" resulted in status \"$5\".",
339 methodName.getString(),
340 CIMObjectPath("", CIMNamespaceName(), objectName.getClassName(),
341 objectName.getKeyBindings()).toString(),
342 nameSpace.getString(),
343 userName,
344 ipAddr,
345 cimStatusCodeToString(statusCode));
346
347 _writeAuditMessage(TYPE_CIMOPERATION, SUBTYPE_INSTANCE_OPERATION,
348 EVENT_INVOKE, Logger::INFORMATION, msgParms);
349 }
350 }
351
352 void AuditLogger::logUpdateProvModuleStatus(
353 const String & moduleName,
354 const Array<Uint16> currentModuleStatus,
355 const Array<Uint16> newModuleStatus)
356 {
357 thilo.boehm 1.1 String currentModuleStatusValue =
358 _getModuleStatusValue(currentModuleStatus);
359
360 String newModuleStatusValue = _getModuleStatusValue(newModuleStatus);
361
362 MessageLoaderParms msgParms(
363 "Common.AuditLogger.UPDATE_PROVIDER_MODULE_STATUS",
364 "The operational status of module \"$0\" has changed from \"$1\""
365 " to \"$2\".",
366 moduleName, currentModuleStatusValue, newModuleStatusValue);
367
368 _writeAuditMessage(TYPE_CONFIGURATION,
369 SUBTYPE_PROVIDER_MODULE_STATUS_CHANGE,
370 EVENT_UPDATE, Logger::INFORMATION, msgParms);
371 }
372
373 void AuditLogger::logLocalAuthentication(
374 const String& userName,
375 Boolean successful)
376 {
377 MessageLoaderParms msgParms(
378 thilo.boehm 1.1 "Common.AuditLogger.LOCAL_AUTHENTICATION",
379 "Local authentication attempt: "
380 "successful = $0, user = $1. ",
381 CIMValue(successful).toString(),
382 userName);
383
384 _writeAuditMessage(
385 TYPE_AUTHENTICATION,
386 SUBTYPE_LOCAL_AUTHENTICATION,
387 successful ? EVENT_AUTH_SUCCESS : EVENT_AUTH_FAILURE,
388 successful ? Logger::INFORMATION : Logger::WARNING,
389 msgParms);
390 }
391
392 void AuditLogger::logBasicAuthentication(
393 const String& userName,
394 const String& ipAddr,
395 Boolean successful)
396 {
397 MessageLoaderParms msgParms(
398 "Common.AuditLogger.BASIC_AUTHENTICATION",
399 thilo.boehm 1.1 "Basic authentication attempt: "
|