384641194a
This change introduces a new audit subsystem that allows tracking and logging of database operations for security and compliance purposes. Key features include: - Configurable audit logging to either syslog or a dedicated system table (audit.audit_log) - Selective auditing based on: - Operation categories (QUERY, DML, DDL, DCL, AUTH, ADMIN) - Specific keyspaces - Specific tables - New configuration options: - audit: Controls audit destination (none/syslog/table) - audit_categories: Comma-separated list of operation categories to audit - audit_tables: Specific tables to audit - audit_keyspaces: Specific keyspaces to audit - audit_unix_socket_path: Path for syslog socket - audit_syslog_write_buffer_size: Buffer size for syslog writes The audit logs capture details including: - Operation timestamp - Node and client IP addresses - Operation category and query - Username - Success/failure status - Affected keyspace and table names
35 lines
979 B
C++
35 lines
979 B
C++
/*
|
|
* Copyright (C) 2017 ScyllaDB
|
|
*/
|
|
|
|
/*
|
|
* SPDX-License-Identifier: LicenseRef-ScyllaDB-Source-Available-1.0
|
|
*/
|
|
#pragma once
|
|
|
|
#include "audit/audit.hh"
|
|
#include <seastar/core/future.hh>
|
|
|
|
namespace audit {
|
|
|
|
class storage_helper {
|
|
public:
|
|
using ptr_type = std::unique_ptr<storage_helper>;
|
|
storage_helper() {}
|
|
virtual ~storage_helper() {}
|
|
virtual future<> start(const db::config& cfg) = 0;
|
|
virtual future<> stop() = 0;
|
|
virtual future<> write(const audit_info* audit_info,
|
|
socket_address node_ip,
|
|
socket_address client_ip,
|
|
db::consistency_level cl,
|
|
const sstring& username,
|
|
bool error) = 0;
|
|
virtual future<> write_login(const sstring& username,
|
|
socket_address node_ip,
|
|
socket_address client_ip,
|
|
bool error) = 0;
|
|
};
|
|
|
|
}
|