Documentation ¶
Index ¶
- Constants
- Variables
- func AddSystemTarget(t Target) error
- func AuditLog(ctx context.Context, w http.ResponseWriter, r *http.Request, ...)
- func CriticalIf(ctx context.Context, err error, errKind ...interface{})
- func EnableAnonymous()
- func EnableJSON()
- func EnableQuiet()
- func Error(msg string, data ...interface{})
- func Fatal(err error, msg string, data ...interface{})
- func FatalIf(err error, msg string, data ...interface{})
- func GetAuditEntry(ctx context.Context) *audit.Entry
- func Info(msg string, data ...interface{})
- func Init(goPath string, goRoot string)
- func IsJSON() bool
- func IsQuiet() bool
- func LogAlwaysIf(ctx context.Context, err error, errKind ...interface{})
- func LogIf(ctx context.Context, err error, errKind ...interface{})
- func LogOnceConsoleIf(ctx context.Context, err error, id string, errKind ...interface{})
- func LogOnceIf(ctx context.Context, err error, id string, errKind ...interface{})
- func RegisterError(f func(string, error, bool) string)
- func SetAuditEntry(ctx context.Context, audit *audit.Entry) context.Context
- func SetLoggerHTTP(scfg config.Config, k string, args http.Config)
- func SetLoggerHTTPAudit(scfg config.Config, k string, args http.Config)
- func SetReqInfo(ctx context.Context, req *ReqInfo) context.Context
- func UpdateAuditKafkaTargets(cfg Config) error
- func UpdateAuditWebhookTargets(cfg Config) error
- func UpdateSystemTargets(cfg Config) error
- func ValidateSubSysConfig(scfg config.Config, subSys string) error
- type Config
- type Console
- type KeyVal
- type LogLevel
- type LogOnce
- type Logger
- type ObjectVersion
- type ReqInfo
- type ResponseWriter
- type Target
Constants ¶
const ( Endpoint = "endpoint" AuthToken = "auth_token" ClientCert = "client_cert" ClientKey = "client_key" QueueSize = "queue_size" KafkaBrokers = "brokers" KafkaTopic = "topic" KafkaTLS = "tls" KafkaTLSSkipVerify = "tls_skip_verify" KafkaTLSClientAuth = "tls_client_auth" KafkaSASL = "sasl" KafkaSASLUsername = "sasl_username" KafkaSASLPassword = "sasl_password" KafkaSASLMechanism = "sasl_mechanism" KafkaClientTLSCert = "client_tls_cert" KafkaClientTLSKey = "client_tls_key" KafkaVersion = "version" EnvLoggerWebhookEnable = "MINIO_LOGGER_WEBHOOK_ENABLE" EnvLoggerWebhookEndpoint = "MINIO_LOGGER_WEBHOOK_ENDPOINT" EnvLoggerWebhookAuthToken = "MINIO_LOGGER_WEBHOOK_AUTH_TOKEN" EnvLoggerWebhookClientCert = "MINIO_LOGGER_WEBHOOK_CLIENT_CERT" EnvLoggerWebhookClientKey = "MINIO_LOGGER_WEBHOOK_CLIENT_KEY" EnvLoggerWebhookQueueSize = "MINIO_LOGGER_WEBHOOK_QUEUE_SIZE" EnvAuditWebhookEnable = "MINIO_AUDIT_WEBHOOK_ENABLE" EnvAuditWebhookEndpoint = "MINIO_AUDIT_WEBHOOK_ENDPOINT" EnvAuditWebhookAuthToken = "MINIO_AUDIT_WEBHOOK_AUTH_TOKEN" EnvAuditWebhookClientCert = "MINIO_AUDIT_WEBHOOK_CLIENT_CERT" EnvAuditWebhookClientKey = "MINIO_AUDIT_WEBHOOK_CLIENT_KEY" EnvAuditWebhookQueueSize = "MINIO_AUDIT_WEBHOOK_QUEUE_SIZE" EnvKafkaEnable = "MINIO_AUDIT_KAFKA_ENABLE" EnvKafkaBrokers = "MINIO_AUDIT_KAFKA_BROKERS" EnvKafkaTopic = "MINIO_AUDIT_KAFKA_TOPIC" EnvKafkaTLS = "MINIO_AUDIT_KAFKA_TLS" EnvKafkaTLSSkipVerify = "MINIO_AUDIT_KAFKA_TLS_SKIP_VERIFY" EnvKafkaTLSClientAuth = "MINIO_AUDIT_KAFKA_TLS_CLIENT_AUTH" EnvKafkaSASLEnable = "MINIO_AUDIT_KAFKA_SASL" EnvKafkaSASLUsername = "MINIO_AUDIT_KAFKA_SASL_USERNAME" EnvKafkaSASLPassword = "MINIO_AUDIT_KAFKA_SASL_PASSWORD" EnvKafkaSASLMechanism = "MINIO_AUDIT_KAFKA_SASL_MECHANISM" EnvKafkaClientTLSCert = "MINIO_AUDIT_KAFKA_CLIENT_TLS_CERT" EnvKafkaClientTLSKey = "MINIO_AUDIT_KAFKA_CLIENT_TLS_KEY" EnvKafkaVersion = "MINIO_AUDIT_KAFKA_VERSION" )
Audit/Logger constants
const ( InfoLvl LogLevel = iota + 1 ErrorLvl FatalLvl Application = madmin.LogKindApplication Minio = madmin.LogKindMinio All = madmin.LogKindAll )
Enumerated level types
const ConsoleLoggerTgt = "console+http"
ConsoleLoggerTgt is a stringified value to represent console logging
const TimeFormat string = "15:04:05 MST 01/02/2006"
TimeFormat - logging time format.
Variables ¶
var ( DefaultLoggerWebhookKVS = config.KVS{ config.KV{ Key: config.Enable, Value: config.EnableOff, }, config.KV{ Key: Endpoint, Value: "", }, config.KV{ Key: AuthToken, Value: "", }, config.KV{ Key: ClientCert, Value: "", }, config.KV{ Key: ClientKey, Value: "", }, config.KV{ Key: QueueSize, Value: "100000", }, } DefaultAuditWebhookKVS = config.KVS{ config.KV{ Key: config.Enable, Value: config.EnableOff, }, config.KV{ Key: Endpoint, Value: "", }, config.KV{ Key: AuthToken, Value: "", }, config.KV{ Key: ClientCert, Value: "", }, config.KV{ Key: ClientKey, Value: "", }, config.KV{ Key: QueueSize, Value: "100000", }, } DefaultAuditKafkaKVS = config.KVS{ config.KV{ Key: config.Enable, Value: config.EnableOff, }, config.KV{ Key: KafkaTopic, Value: "", }, config.KV{ Key: KafkaBrokers, Value: "", }, config.KV{ Key: KafkaSASLUsername, Value: "", }, config.KV{ Key: KafkaSASLPassword, Value: "", }, config.KV{ Key: KafkaSASLMechanism, Value: "plain", }, config.KV{ Key: KafkaClientTLSCert, Value: "", }, config.KV{ Key: KafkaClientTLSKey, Value: "", }, config.KV{ Key: KafkaTLSClientAuth, Value: "0", }, config.KV{ Key: KafkaSASL, Value: config.EnableOff, }, config.KV{ Key: KafkaTLS, Value: config.EnableOff, }, config.KV{ Key: KafkaTLSSkipVerify, Value: config.EnableOff, }, config.KV{ Key: KafkaVersion, Value: "", }, } )
Default KVS for loggerHTTP and loggerAuditHTTP
var ( Help = config.HelpKVS{ config.HelpKV{ Key: config.Enable, Description: "set to 'on' to enable the logger webhook", Optional: true, Type: "on|off", Sensitive: false, }, config.HelpKV{ Key: Endpoint, Description: `HTTP(s) endpoint e.g. "http://localhost:8080/minio/logs/server"`, Type: "url", Sensitive: true, }, config.HelpKV{ Key: AuthToken, Description: `opaque string or JWT authorization token`, Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientCert, Description: "mTLS certificate for Logger Webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientKey, Description: "mTLS certificate key for Logger Webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: QueueSize, Description: "configure channel queue size for Logger Webhook targets", Optional: true, Type: "number", }, config.HelpKV{ Key: config.Comment, Description: config.DefaultComment, Optional: true, Type: "sentence", }, } HelpWebhook = config.HelpKVS{ config.HelpKV{ Key: config.Enable, Description: "set to 'on' to enable the audit logger", Optional: true, Type: "on|off", Sensitive: false, }, config.HelpKV{ Key: Endpoint, Description: `HTTP(s) endpoint e.g. "http://localhost:8080/minio/logs/audit"`, Type: "url", Sensitive: true, }, config.HelpKV{ Key: AuthToken, Description: `opaque string or JWT authorization token`, Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientCert, Description: "mTLS certificate for Audit Webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: ClientKey, Description: "mTLS certificate key for Audit Webhook authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: QueueSize, Description: "configure channel queue size for Audit Webhook targets", Optional: true, Type: "number", }, config.HelpKV{ Key: config.Comment, Description: config.DefaultComment, Optional: true, Type: "sentence", }, } HelpKafka = config.HelpKVS{ config.HelpKV{ Key: config.Enable, Description: "set to 'on' to enable kafka audit logging", Optional: true, Type: "on|off", Sensitive: false, }, config.HelpKV{ Key: KafkaBrokers, Description: "comma separated list of Kafka broker addresses", Type: "csv", }, config.HelpKV{ Key: KafkaTopic, Description: "Kafka topic used for bucket notifications", Optional: true, Type: "string", }, config.HelpKV{ Key: KafkaSASLUsername, Description: "username for SASL/PLAIN or SASL/SCRAM authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: KafkaSASLPassword, Description: "password for SASL/PLAIN or SASL/SCRAM authentication", Optional: true, Type: "string", Sensitive: true, }, config.HelpKV{ Key: KafkaSASLMechanism, Description: "sasl authentication mechanism, default 'plain'", Optional: true, Type: "string", }, config.HelpKV{ Key: KafkaTLSClientAuth, Description: "clientAuth determines the Kafka server's policy for TLS client auth", Optional: true, Type: "string", }, config.HelpKV{ Key: KafkaSASL, Description: "set to 'on' to enable SASL authentication", Optional: true, Type: "on|off", }, config.HelpKV{ Key: KafkaTLS, Description: "set to 'on' to enable TLS", Optional: true, Type: "on|off", }, config.HelpKV{ Key: KafkaTLSSkipVerify, Description: `trust server TLS without verification, defaults to "on" (verify)`, Optional: true, Type: "on|off", }, config.HelpKV{ Key: KafkaClientTLSCert, Description: "path to client certificate for mTLS auth", Optional: true, Type: "path", Sensitive: true, }, config.HelpKV{ Key: KafkaClientTLSKey, Description: "path to client key for mTLS auth", Optional: true, Type: "path", Sensitive: true, }, config.HelpKV{ Key: KafkaVersion, Description: "specify the version of the Kafka cluster", Optional: true, Type: "string", }, config.HelpKV{ Key: config.Comment, Description: config.DefaultComment, Optional: true, Type: "sentence", }, } )
Help template for logger http and audit
var BodyPlaceHolder = []byte("<BODY>")
BodyPlaceHolder returns a dummy body placeholder
var ErrCritical struct{}
ErrCritical is the value panic'd whenever CriticalIf is called.
var ExitFunc = os.Exit
ExitFunc is called by Fatal() class functions, by default it calls os.Exit()
var MinimumLogLevel = InfoLvl
MinimumLogLevel holds the minimum logging level to print - info by default
Functions ¶
func AddSystemTarget ¶
AddSystemTarget adds a new logger target to the list of enabled loggers
func AuditLog ¶
func AuditLog(ctx context.Context, w http.ResponseWriter, r *http.Request, reqClaims map[string]interface{}, filterKeys ...string)
AuditLog - logs audit logs to all audit targets.
func CriticalIf ¶
CriticalIf logs the provided error on the console. It fails the current go-routine by causing a `panic(ErrCritical)`.
func EnableAnonymous ¶
func EnableAnonymous()
EnableAnonymous - turns anonymous flag to avoid printing sensitive information.
func Fatal ¶
Fatal prints only fatal error message with no stack trace it will be called for input validation failures
func GetAuditEntry ¶
GetAuditEntry returns Audit entry if set.
func Init ¶
Init sets the trimStrings to possible GOPATHs and GOROOT directories. Also append github.com/minio/minio This is done to clean up the filename, when stack trace is displayed when an error happens.
func LogAlwaysIf ¶
LogAlwaysIf prints a detailed error message during the execution of the server.
func LogIf ¶
LogIf prints a detailed error message during the execution of the server, if it is not an ignored error.
func LogOnceConsoleIf ¶
LogOnceConsoleIf - similar to LogOnceIf but exclusively only logs to console target.
func LogOnceIf ¶
LogOnceIf - Logs notification errors - once per error. id is a unique identifier for related log messages, refer to cmd/notification.go on how it is used.
func RegisterError ¶
RegisterError registers the specified rendering function. This latter will be called for a pretty rendering of fatal errors.
func SetAuditEntry ¶
SetAuditEntry sets Audit info in the context.
func SetLoggerHTTP ¶
SetLoggerHTTP helper for migrating older config to newer KV format.
func SetLoggerHTTPAudit ¶
SetLoggerHTTPAudit - helper for migrating older config to newer KV format.
func SetReqInfo ¶
SetReqInfo sets ReqInfo in the context.
func UpdateAuditKafkaTargets ¶
UpdateAuditKafkaTargets swaps audit kafka targets with newly loaded ones from the cfg
func UpdateAuditWebhookTargets ¶
UpdateAuditWebhookTargets swaps audit webhook targets with newly loaded ones from the cfg
func UpdateSystemTargets ¶
UpdateSystemTargets swaps targets with newly loaded ones from the cfg
Types ¶
type Config ¶
type Config struct { Console Console `json:"console"` HTTP map[string]http.Config `json:"http"` AuditWebhook map[string]http.Config `json:"audit"` AuditKafka map[string]kafka.Config `json:"audit_kafka"` }
Config console and http logger targets
func LookupConfigForSubSys ¶
LookupConfigForSubSys - lookup logger config, override with ENVs if set, for the given sub-system
type Logger ¶
type Logger interface {
// contains filtered or unexported methods
}
Logger interface describes the methods that need to be implemented to satisfy the interface requirements.
type ObjectVersion ¶
ObjectVersion object version key/versionId
type ReqInfo ¶
type ReqInfo struct { RemoteHost string // Client Host/IP Host string // Node Host/IP UserAgent string // User Agent DeploymentID string // x-minio-deployment-id RequestID string // x-amz-request-id API string // API name - GetObject PutObject NewMultipartUpload etc. BucketName string `json:",omitempty"` // Bucket name ObjectName string `json:",omitempty"` // Object name VersionID string `json:",omitempty"` // corresponding versionID for the object Objects []ObjectVersion `json:",omitempty"` // Only set during MultiObject delete handler. Cred auth.Credentials `json:"-"` Region string `json:"-"` Owner bool `json:"-"` AuthType string `json:"-"` sync.RWMutex // contains filtered or unexported fields }
ReqInfo stores the request info. Reading/writing directly to struct requires appropriate R/W lock.
func NewReqInfo ¶
func NewReqInfo(remoteHost, userAgent, deploymentID, requestID, api, bucket, object string) *ReqInfo
NewReqInfo :
func (*ReqInfo) AppendTags ¶
AppendTags - appends key/val to ReqInfo.tags
func (*ReqInfo) GetTagsMap ¶
GetTagsMap - returns the user defined tags in a map structure
type ResponseWriter ¶
type ResponseWriter struct { http.ResponseWriter StatusCode int // Log body of 4xx or 5xx responses LogErrBody bool // Log body of all responses LogAllBody bool TimeToFirstByte time.Duration StartTime time.Time // contains filtered or unexported fields }
ResponseWriter - is a wrapper to trap the http response status code.
func NewResponseWriter ¶
func NewResponseWriter(w http.ResponseWriter) *ResponseWriter
NewResponseWriter - returns a wrapped response writer to trap http status codes for auditing purposes.
func (*ResponseWriter) Flush ¶
func (lrw *ResponseWriter) Flush()
Flush - Calls the underlying Flush.
func (*ResponseWriter) HeaderSize ¶
func (lrw *ResponseWriter) HeaderSize() int
HeaderSize - returns the number of bytes of response headers written
func (*ResponseWriter) Size ¶
func (lrw *ResponseWriter) Size() int
Size - returns the number of bytes written
func (*ResponseWriter) WriteHeader ¶
func (lrw *ResponseWriter) WriteHeader(code int)
WriteHeader - writes http status code
type Target ¶
type Target interface { String() string Endpoint() string Init() error Cancel() Send(entry interface{}) error Type() types.TargetType }
Target is the entity that we will receive a single log entry and Send it to the log target
e.g. Send the log to a http server
func AuditTargets ¶
func AuditTargets() []Target
AuditTargets returns active audit targets. Returned slice may not be modified in any way.
func SystemTargets ¶
func SystemTargets() []Target
SystemTargets returns active targets. Returned slice may not be modified in any way.