forked from elastic/kibana
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[Audit Logging] Add AuditTrail service (elastic#69278)
* add generic audit_trail service in core * expose auditTraik service to plugins * add auditTrail x-pack plugin * fix type errors * update mocks * expose asScoped interface via start. auditor via request context * use type from audit trail service * wrap getActiveSpace in safeCall only. it throws exception for non-authz * pass message to log explicitly * update docs * create one auditor per request * wire es client up to auditor * update docs * withScope accepts only one scope * use scoped client in context for callAsInternalUser * use auditor in scoped cluster client * adopt auditTrail plugin to new interface. configure log from config * do not log audit events in console by default * add audit trail functional tests * cleanup * add example * add mocks for spaces plugin * add unit tests * update docs * test description * Apply suggestions from code review apply @jportner suggestions Co-authored-by: Joe Portner <[email protected]> * add unit tests * more robust tests * make spaces optional * address comments * update docs * fix WebStorm refactoring Co-authored-by: Joe Portner <[email protected]>
- Loading branch information
Showing
77 changed files
with
1,625 additions
and
76 deletions.
There are no files selected for viewing
25 changes: 25 additions & 0 deletions
25
docs/development/core/server/kibana-plugin-core-server.auditableevent.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,25 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [AuditableEvent](./kibana-plugin-core-server.auditableevent.md) | ||
|
||
## AuditableEvent interface | ||
|
||
Event to audit. | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
export interface AuditableEvent | ||
``` | ||
|
||
## Remarks | ||
|
||
Not a complete interface. | ||
|
||
## Properties | ||
|
||
| Property | Type | Description | | ||
| --- | --- | --- | | ||
| [message](./kibana-plugin-core-server.auditableevent.message.md) | <code>string</code> | | | ||
| [type](./kibana-plugin-core-server.auditableevent.type.md) | <code>string</code> | | | ||
|
11 changes: 11 additions & 0 deletions
11
docs/development/core/server/kibana-plugin-core-server.auditableevent.message.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [AuditableEvent](./kibana-plugin-core-server.auditableevent.md) > [message](./kibana-plugin-core-server.auditableevent.message.md) | ||
|
||
## AuditableEvent.message property | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
message: string; | ||
``` |
11 changes: 11 additions & 0 deletions
11
docs/development/core/server/kibana-plugin-core-server.auditableevent.type.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [AuditableEvent](./kibana-plugin-core-server.auditableevent.md) > [type](./kibana-plugin-core-server.auditableevent.type.md) | ||
|
||
## AuditableEvent.type property | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
type: string; | ||
``` |
36 changes: 36 additions & 0 deletions
36
docs/development/core/server/kibana-plugin-core-server.auditor.add.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [Auditor](./kibana-plugin-core-server.auditor.md) > [add](./kibana-plugin-core-server.auditor.add.md) | ||
|
||
## Auditor.add() method | ||
|
||
Add a record to audit log. Service attaches to a log record: - metadata about an end-user initiating an operation - scope name, if presents | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
add(event: AuditableEvent): void; | ||
``` | ||
|
||
## Parameters | ||
|
||
| Parameter | Type | Description | | ||
| --- | --- | --- | | ||
| event | <code>AuditableEvent</code> | | | ||
|
||
<b>Returns:</b> | ||
|
||
`void` | ||
|
||
## Example | ||
|
||
How to add a record in audit log: | ||
|
||
```typescript | ||
router.get({ path: '/my_endpoint', validate: false }, async (context, request, response) => { | ||
context.core.auditor.withAuditScope('my_plugin_operation'); | ||
const value = await context.core.elasticsearch.legacy.client.callAsCurrentUser('...'); | ||
context.core.add({ type: 'operation.type', message: 'perform an operation in ... endpoint' }); | ||
|
||
``` | ||
21 changes: 21 additions & 0 deletions
21
docs/development/core/server/kibana-plugin-core-server.auditor.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [Auditor](./kibana-plugin-core-server.auditor.md) | ||
|
||
## Auditor interface | ||
|
||
Provides methods to log user actions and access events. | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
export interface Auditor | ||
``` | ||
|
||
## Methods | ||
|
||
| Method | Description | | ||
| --- | --- | | ||
| [add(event)](./kibana-plugin-core-server.auditor.add.md) | Add a record to audit log. Service attaches to a log record: - metadata about an end-user initiating an operation - scope name, if presents | | ||
| [withAuditScope(name)](./kibana-plugin-core-server.auditor.withauditscope.md) | Add a high-level scope name for logged events. It helps to identify the root cause of low-level events. | | ||
|
24 changes: 24 additions & 0 deletions
24
docs/development/core/server/kibana-plugin-core-server.auditor.withauditscope.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [Auditor](./kibana-plugin-core-server.auditor.md) > [withAuditScope](./kibana-plugin-core-server.auditor.withauditscope.md) | ||
|
||
## Auditor.withAuditScope() method | ||
|
||
Add a high-level scope name for logged events. It helps to identify the root cause of low-level events. | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
withAuditScope(name: string): void; | ||
``` | ||
|
||
## Parameters | ||
|
||
| Parameter | Type | Description | | ||
| --- | --- | --- | | ||
| name | <code>string</code> | | | ||
|
||
<b>Returns:</b> | ||
|
||
`void` | ||
|
22 changes: 22 additions & 0 deletions
22
docs/development/core/server/kibana-plugin-core-server.auditorfactory.asscoped.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [AuditorFactory](./kibana-plugin-core-server.auditorfactory.md) > [asScoped](./kibana-plugin-core-server.auditorfactory.asscoped.md) | ||
|
||
## AuditorFactory.asScoped() method | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
asScoped(request: KibanaRequest): Auditor; | ||
``` | ||
|
||
## Parameters | ||
|
||
| Parameter | Type | Description | | ||
| --- | --- | --- | | ||
| request | <code>KibanaRequest</code> | | | ||
|
||
<b>Returns:</b> | ||
|
||
`Auditor` | ||
|
20 changes: 20 additions & 0 deletions
20
docs/development/core/server/kibana-plugin-core-server.auditorfactory.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [AuditorFactory](./kibana-plugin-core-server.auditorfactory.md) | ||
|
||
## AuditorFactory interface | ||
|
||
Creates [Auditor](./kibana-plugin-core-server.auditor.md) instance bound to the current user credentials. | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
export interface AuditorFactory | ||
``` | ||
|
||
## Methods | ||
|
||
| Method | Description | | ||
| --- | --- | | ||
| [asScoped(request)](./kibana-plugin-core-server.auditorfactory.asscoped.md) | | | ||
|
18 changes: 18 additions & 0 deletions
18
docs/development/core/server/kibana-plugin-core-server.audittrailsetup.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [AuditTrailSetup](./kibana-plugin-core-server.audittrailsetup.md) | ||
|
||
## AuditTrailSetup interface | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
export interface AuditTrailSetup | ||
``` | ||
|
||
## Methods | ||
|
||
| Method | Description | | ||
| --- | --- | | ||
| [register(auditor)](./kibana-plugin-core-server.audittrailsetup.register.md) | Register a custom [AuditorFactory](./kibana-plugin-core-server.auditorfactory.md) implementation. | | ||
|
24 changes: 24 additions & 0 deletions
24
docs/development/core/server/kibana-plugin-core-server.audittrailsetup.register.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [AuditTrailSetup](./kibana-plugin-core-server.audittrailsetup.md) > [register](./kibana-plugin-core-server.audittrailsetup.register.md) | ||
|
||
## AuditTrailSetup.register() method | ||
|
||
Register a custom [AuditorFactory](./kibana-plugin-core-server.auditorfactory.md) implementation. | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
register(auditor: AuditorFactory): void; | ||
``` | ||
|
||
## Parameters | ||
|
||
| Parameter | Type | Description | | ||
| --- | --- | --- | | ||
| auditor | <code>AuditorFactory</code> | | | ||
|
||
<b>Returns:</b> | ||
|
||
`void` | ||
|
11 changes: 11 additions & 0 deletions
11
docs/development/core/server/kibana-plugin-core-server.audittrailstart.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [AuditTrailStart](./kibana-plugin-core-server.audittrailstart.md) | ||
|
||
## AuditTrailStart type | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
export declare type AuditTrailStart = AuditorFactory; | ||
``` |
13 changes: 13 additions & 0 deletions
13
docs/development/core/server/kibana-plugin-core-server.coresetup.audittrail.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [CoreSetup](./kibana-plugin-core-server.coresetup.md) > [auditTrail](./kibana-plugin-core-server.coresetup.audittrail.md) | ||
|
||
## CoreSetup.auditTrail property | ||
|
||
[AuditTrailSetup](./kibana-plugin-core-server.audittrailsetup.md) | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
auditTrail: AuditTrailSetup; | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
13 changes: 13 additions & 0 deletions
13
docs/development/core/server/kibana-plugin-core-server.corestart.audittrail.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [CoreStart](./kibana-plugin-core-server.corestart.md) > [auditTrail](./kibana-plugin-core-server.corestart.audittrail.md) | ||
|
||
## CoreStart.auditTrail property | ||
|
||
[AuditTrailSetup](./kibana-plugin-core-server.audittrailsetup.md) | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
auditTrail: AuditTrailStart; | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
13 changes: 13 additions & 0 deletions
13
docs/development/core/server/kibana-plugin-core-server.httpserverinfo.hostname.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
<!-- Do not edit this file. It is automatically generated by API Documenter. --> | ||
|
||
[Home](./index.md) > [kibana-plugin-core-server](./kibana-plugin-core-server.md) > [HttpServerInfo](./kibana-plugin-core-server.httpserverinfo.md) > [hostname](./kibana-plugin-core-server.httpserverinfo.hostname.md) | ||
|
||
## HttpServerInfo.hostname property | ||
|
||
The hostname of the server | ||
|
||
<b>Signature:</b> | ||
|
||
```typescript | ||
hostname: string; | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,5 +20,6 @@ core: { | |
uiSettings: { | ||
client: IUiSettingsClient; | ||
}; | ||
auditor: Auditor; | ||
}; | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.