mirror of
https://github.com/minio/minio.git
synced 2025-11-10 05:59:43 -05:00
Support audit logs with additional fields (#6738)
This PR adds support - Request query params - Request headers - Response headers AuditLogEntry is exported and versioned as well starting with this PR.
This commit is contained in:
Harshavardhana
committed by
Dee Koder
Dee Koder
parent
3f19ea98bb
commit
bef0318c36
@@ -79,7 +79,7 @@ func setHeadGetRespHeaders(w http.ResponseWriter, reqParams url.Values) {
|
||||
func (api objectAPIHandlers) SelectObjectContentHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "SelectObject")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
// Fetch object stat info.
|
||||
objectAPI := api.ObjectAPI()
|
||||
@@ -271,11 +271,23 @@ func (api objectAPIHandlers) SelectObjectContentHandler(w http.ResponseWriter, r
|
||||
// Executes the query on data-set
|
||||
s3select.Execute(w, s3s)
|
||||
|
||||
for k, v := range objInfo.UserDefined {
|
||||
logger.GetReqInfo(ctx).SetTags(k, v)
|
||||
// Get host and port from Request.RemoteAddr.
|
||||
host, port, err := net.SplitHostPort(handlers.GetSourceIP(r))
|
||||
if err != nil {
|
||||
host, port = "", ""
|
||||
}
|
||||
|
||||
logger.GetReqInfo(ctx).SetTags("etag", objInfo.ETag)
|
||||
// Notify object accessed via a GET request.
|
||||
sendEvent(eventArgs{
|
||||
EventName: event.ObjectAccessedGet,
|
||||
BucketName: bucket,
|
||||
Object: objInfo,
|
||||
ReqParams: extractReqParams(r),
|
||||
RespElements: extractRespElements(w),
|
||||
UserAgent: r.UserAgent(),
|
||||
Host: host,
|
||||
Port: port,
|
||||
})
|
||||
}
|
||||
|
||||
// GetObjectHandler - GET Object
|
||||
@@ -285,7 +297,7 @@ func (api objectAPIHandlers) SelectObjectContentHandler(w http.ResponseWriter, r
|
||||
func (api objectAPIHandlers) GetObjectHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "GetObject")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
objectAPI := api.ObjectAPI()
|
||||
if objectAPI == nil {
|
||||
@@ -443,12 +455,6 @@ func (api objectAPIHandlers) GetObjectHandler(w http.ResponseWriter, r *http.Req
|
||||
Host: host,
|
||||
Port: port,
|
||||
})
|
||||
|
||||
for k, v := range objInfo.UserDefined {
|
||||
logger.GetReqInfo(ctx).SetTags(k, v)
|
||||
}
|
||||
|
||||
logger.GetReqInfo(ctx).SetTags("etag", objInfo.ETag)
|
||||
}
|
||||
|
||||
// HeadObjectHandler - HEAD Object
|
||||
@@ -457,7 +463,7 @@ func (api objectAPIHandlers) GetObjectHandler(w http.ResponseWriter, r *http.Req
|
||||
func (api objectAPIHandlers) HeadObjectHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "HeadObject")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
objectAPI := api.ObjectAPI()
|
||||
if objectAPI == nil {
|
||||
@@ -597,12 +603,6 @@ func (api objectAPIHandlers) HeadObjectHandler(w http.ResponseWriter, r *http.Re
|
||||
Host: host,
|
||||
Port: port,
|
||||
})
|
||||
|
||||
for k, v := range objInfo.UserDefined {
|
||||
logger.GetReqInfo(ctx).SetTags(k, v)
|
||||
}
|
||||
|
||||
logger.GetReqInfo(ctx).SetTags("etag", objInfo.ETag)
|
||||
}
|
||||
|
||||
// Extract metadata relevant for an CopyObject operation based on conditional
|
||||
@@ -643,7 +643,7 @@ func getCpObjMetadataFromHeader(ctx context.Context, r *http.Request, userMeta m
|
||||
func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "CopyObject")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
objectAPI := api.ObjectAPI()
|
||||
if objectAPI == nil {
|
||||
@@ -984,20 +984,15 @@ func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Re
|
||||
|
||||
// Notify object created event.
|
||||
sendEvent(eventArgs{
|
||||
EventName: event.ObjectCreatedCopy,
|
||||
BucketName: dstBucket,
|
||||
Object: objInfo,
|
||||
ReqParams: extractReqParams(r),
|
||||
UserAgent: r.UserAgent(),
|
||||
Host: host,
|
||||
Port: port,
|
||||
EventName: event.ObjectCreatedCopy,
|
||||
BucketName: dstBucket,
|
||||
Object: objInfo,
|
||||
ReqParams: extractReqParams(r),
|
||||
RespElements: extractRespElements(w),
|
||||
UserAgent: r.UserAgent(),
|
||||
Host: host,
|
||||
Port: port,
|
||||
})
|
||||
|
||||
for k, v := range objInfo.UserDefined {
|
||||
logger.GetReqInfo(ctx).SetTags(k, v)
|
||||
}
|
||||
|
||||
logger.GetReqInfo(ctx).SetTags("etag", objInfo.ETag)
|
||||
}
|
||||
|
||||
// PutObjectHandler - PUT Object
|
||||
@@ -1011,7 +1006,7 @@ func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Re
|
||||
func (api objectAPIHandlers) PutObjectHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "PutObject")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
objectAPI := api.ObjectAPI()
|
||||
if objectAPI == nil {
|
||||
@@ -1244,20 +1239,15 @@ func (api objectAPIHandlers) PutObjectHandler(w http.ResponseWriter, r *http.Req
|
||||
|
||||
// Notify object created event.
|
||||
sendEvent(eventArgs{
|
||||
EventName: event.ObjectCreatedPut,
|
||||
BucketName: bucket,
|
||||
Object: objInfo,
|
||||
ReqParams: extractReqParams(r),
|
||||
UserAgent: r.UserAgent(),
|
||||
Host: host,
|
||||
Port: port,
|
||||
EventName: event.ObjectCreatedPut,
|
||||
BucketName: bucket,
|
||||
Object: objInfo,
|
||||
ReqParams: extractReqParams(r),
|
||||
RespElements: extractRespElements(w),
|
||||
UserAgent: r.UserAgent(),
|
||||
Host: host,
|
||||
Port: port,
|
||||
})
|
||||
|
||||
for k, v := range objInfo.UserDefined {
|
||||
logger.GetReqInfo(ctx).SetTags(k, v)
|
||||
}
|
||||
|
||||
logger.GetReqInfo(ctx).SetTags("etag", objInfo.ETag)
|
||||
}
|
||||
|
||||
/// Multipart objectAPIHandlers
|
||||
@@ -1271,7 +1261,7 @@ func (api objectAPIHandlers) PutObjectHandler(w http.ResponseWriter, r *http.Req
|
||||
func (api objectAPIHandlers) NewMultipartUploadHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "NewMultipartUpload")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
objectAPI := api.ObjectAPI()
|
||||
if objectAPI == nil {
|
||||
@@ -1365,7 +1355,7 @@ func (api objectAPIHandlers) NewMultipartUploadHandler(w http.ResponseWriter, r
|
||||
func (api objectAPIHandlers) CopyObjectPartHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "CopyObjectPart")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
objectAPI := api.ObjectAPI()
|
||||
if objectAPI == nil {
|
||||
@@ -1597,7 +1587,7 @@ func (api objectAPIHandlers) CopyObjectPartHandler(w http.ResponseWriter, r *htt
|
||||
func (api objectAPIHandlers) PutObjectPartHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "PutObjectPart")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
objectAPI := api.ObjectAPI()
|
||||
if objectAPI == nil {
|
||||
@@ -1841,7 +1831,7 @@ func (api objectAPIHandlers) PutObjectPartHandler(w http.ResponseWriter, r *http
|
||||
func (api objectAPIHandlers) AbortMultipartUploadHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "AbortMultipartUpload")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
vars := mux.Vars(r)
|
||||
bucket := vars["bucket"]
|
||||
@@ -1879,6 +1869,7 @@ func (api objectAPIHandlers) AbortMultipartUploadHandler(w http.ResponseWriter,
|
||||
writeErrorResponse(w, toAPIErrorCode(err), r.URL)
|
||||
return
|
||||
}
|
||||
|
||||
writeSuccessNoContent(w)
|
||||
}
|
||||
|
||||
@@ -1886,7 +1877,7 @@ func (api objectAPIHandlers) AbortMultipartUploadHandler(w http.ResponseWriter,
|
||||
func (api objectAPIHandlers) ListObjectPartsHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "ListObjectParts")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
vars := mux.Vars(r)
|
||||
bucket := vars["bucket"]
|
||||
@@ -1932,7 +1923,7 @@ func (api objectAPIHandlers) ListObjectPartsHandler(w http.ResponseWriter, r *ht
|
||||
func (api objectAPIHandlers) CompleteMultipartUploadHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "CompleteMultipartUpload")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
vars := mux.Vars(r)
|
||||
bucket := vars["bucket"]
|
||||
@@ -2036,20 +2027,15 @@ func (api objectAPIHandlers) CompleteMultipartUploadHandler(w http.ResponseWrite
|
||||
|
||||
// Notify object created event.
|
||||
sendEvent(eventArgs{
|
||||
EventName: event.ObjectCreatedCompleteMultipartUpload,
|
||||
BucketName: bucket,
|
||||
Object: objInfo,
|
||||
ReqParams: extractReqParams(r),
|
||||
UserAgent: r.UserAgent(),
|
||||
Host: host,
|
||||
Port: port,
|
||||
EventName: event.ObjectCreatedCompleteMultipartUpload,
|
||||
BucketName: bucket,
|
||||
Object: objInfo,
|
||||
ReqParams: extractReqParams(r),
|
||||
RespElements: extractRespElements(w),
|
||||
UserAgent: r.UserAgent(),
|
||||
Host: host,
|
||||
Port: port,
|
||||
})
|
||||
|
||||
for k, v := range objInfo.UserDefined {
|
||||
logger.GetReqInfo(ctx).SetTags(k, v)
|
||||
}
|
||||
|
||||
logger.GetReqInfo(ctx).SetTags("etag", objInfo.ETag)
|
||||
}
|
||||
|
||||
/// Delete objectAPIHandlers
|
||||
@@ -2058,7 +2044,7 @@ func (api objectAPIHandlers) CompleteMultipartUploadHandler(w http.ResponseWrite
|
||||
func (api objectAPIHandlers) DeleteObjectHandler(w http.ResponseWriter, r *http.Request) {
|
||||
ctx := newContext(r, w, "DeleteObject")
|
||||
|
||||
defer logger.AuditLog(ctx, r)
|
||||
defer logger.AuditLog(ctx, w, r)
|
||||
|
||||
vars := mux.Vars(r)
|
||||
bucket := vars["bucket"]
|
||||
|
||||
Reference in New Issue
Block a user