logger

package
v0.0.0-...-298dde5 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 21, 2022 License: AGPL-3.0 Imports: 35 Imported by: 0

Documentation

Index

Constants

View Source
const (
	Endpoint   = "endpoint"
	AuthToken  = "auth_token"
	ClientCert = "client_cert"
	ClientKey  = "client_key"
	QueueSize  = "queue_size"

	KafkaBrokers       = "brokers"
	KafkaTopic         = "topic"
	KafkaTLS           = "tls"
	KafkaTLSSkipVerify = "tls_skip_verify"
	KafkaTLSClientAuth = "tls_client_auth"
	KafkaSASL          = "sasl"
	KafkaSASLUsername  = "sasl_username"
	KafkaSASLPassword  = "sasl_password"
	KafkaSASLMechanism = "sasl_mechanism"
	KafkaClientTLSCert = "client_tls_cert"
	KafkaClientTLSKey  = "client_tls_key"
	KafkaVersion       = "version"

	EnvLoggerWebhookEnable     = "MINIO_LOGGER_WEBHOOK_ENABLE"
	EnvLoggerWebhookEndpoint   = "MINIO_LOGGER_WEBHOOK_ENDPOINT"
	EnvLoggerWebhookAuthToken  = "MINIO_LOGGER_WEBHOOK_AUTH_TOKEN"
	EnvLoggerWebhookClientCert = "MINIO_LOGGER_WEBHOOK_CLIENT_CERT"
	EnvLoggerWebhookClientKey  = "MINIO_LOGGER_WEBHOOK_CLIENT_KEY"
	EnvLoggerWebhookQueueSize  = "MINIO_LOGGER_WEBHOOK_QUEUE_SIZE"

	EnvAuditWebhookEnable     = "MINIO_AUDIT_WEBHOOK_ENABLE"
	EnvAuditWebhookEndpoint   = "MINIO_AUDIT_WEBHOOK_ENDPOINT"
	EnvAuditWebhookAuthToken  = "MINIO_AUDIT_WEBHOOK_AUTH_TOKEN"
	EnvAuditWebhookClientCert = "MINIO_AUDIT_WEBHOOK_CLIENT_CERT"
	EnvAuditWebhookClientKey  = "MINIO_AUDIT_WEBHOOK_CLIENT_KEY"
	EnvAuditWebhookQueueSize  = "MINIO_AUDIT_WEBHOOK_QUEUE_SIZE"

	EnvKafkaEnable        = "MINIO_AUDIT_KAFKA_ENABLE"
	EnvKafkaBrokers       = "MINIO_AUDIT_KAFKA_BROKERS"
	EnvKafkaTopic         = "MINIO_AUDIT_KAFKA_TOPIC"
	EnvKafkaTLS           = "MINIO_AUDIT_KAFKA_TLS"
	EnvKafkaTLSSkipVerify = "MINIO_AUDIT_KAFKA_TLS_SKIP_VERIFY"
	EnvKafkaTLSClientAuth = "MINIO_AUDIT_KAFKA_TLS_CLIENT_AUTH"
	EnvKafkaSASLEnable    = "MINIO_AUDIT_KAFKA_SASL"
	EnvKafkaSASLUsername  = "MINIO_AUDIT_KAFKA_SASL_USERNAME"
	EnvKafkaSASLPassword  = "MINIO_AUDIT_KAFKA_SASL_PASSWORD"
	EnvKafkaSASLMechanism = "MINIO_AUDIT_KAFKA_SASL_MECHANISM"
	EnvKafkaClientTLSCert = "MINIO_AUDIT_KAFKA_CLIENT_TLS_CERT"
	EnvKafkaClientTLSKey  = "MINIO_AUDIT_KAFKA_CLIENT_TLS_KEY"
	EnvKafkaVersion       = "MINIO_AUDIT_KAFKA_VERSION"
)

Audit/Logger constants

View Source
const (
	InfoLvl LogLevel = iota + 1
	ErrorLvl
	FatalLvl

	Application = madmin.LogKindApplication
	Minio       = madmin.LogKindMinio
	All         = madmin.LogKindAll
)

Enumerated level types

View Source
const ConsoleLoggerTgt = "console+http"

ConsoleLoggerTgt is a stringified value to represent console logging

View Source
const TimeFormat string = "15:04:05 MST 01/02/2006"

TimeFormat - logging time format.

Variables

View Source
var (
	DefaultLoggerWebhookKVS = config.KVS{
		config.KV{
			Key:   config.Enable,
			Value: config.EnableOff,
		},
		config.KV{
			Key:   Endpoint,
			Value: "",
		},
		config.KV{
			Key:   AuthToken,
			Value: "",
		},
		config.KV{
			Key:   ClientCert,
			Value: "",
		},
		config.KV{
			Key:   ClientKey,
			Value: "",
		},
		config.KV{
			Key:   QueueSize,
			Value: "100000",
		},
	}

	DefaultAuditWebhookKVS = config.KVS{
		config.KV{
			Key:   config.Enable,
			Value: config.EnableOff,
		},
		config.KV{
			Key:   Endpoint,
			Value: "",
		},
		config.KV{
			Key:   AuthToken,
			Value: "",
		},
		config.KV{
			Key:   ClientCert,
			Value: "",
		},
		config.KV{
			Key:   ClientKey,
			Value: "",
		},
		config.KV{
			Key:   QueueSize,
			Value: "100000",
		},
	}

	DefaultAuditKafkaKVS = config.KVS{
		config.KV{
			Key:   config.Enable,
			Value: config.EnableOff,
		},
		config.KV{
			Key:   KafkaTopic,
			Value: "",
		},
		config.KV{
			Key:   KafkaBrokers,
			Value: "",
		},
		config.KV{
			Key:   KafkaSASLUsername,
			Value: "",
		},
		config.KV{
			Key:   KafkaSASLPassword,
			Value: "",
		},
		config.KV{
			Key:   KafkaSASLMechanism,
			Value: "plain",
		},
		config.KV{
			Key:   KafkaClientTLSCert,
			Value: "",
		},
		config.KV{
			Key:   KafkaClientTLSKey,
			Value: "",
		},
		config.KV{
			Key:   KafkaTLSClientAuth,
			Value: "0",
		},
		config.KV{
			Key:   KafkaSASL,
			Value: config.EnableOff,
		},
		config.KV{
			Key:   KafkaTLS,
			Value: config.EnableOff,
		},
		config.KV{
			Key:   KafkaTLSSkipVerify,
			Value: config.EnableOff,
		},
		config.KV{
			Key:   KafkaVersion,
			Value: "",
		},
	}
)

Default KVS for loggerHTTP and loggerAuditHTTP

View Source
var (
	Help = config.HelpKVS{
		config.HelpKV{
			Key:         config.Enable,
			Description: "set to 'on' to enable the logger webhook",
			Optional:    true,
			Type:        "on|off",
			Sensitive:   false,
		},
		config.HelpKV{
			Key:         Endpoint,
			Description: `HTTP(s) endpoint e.g. "http://localhost:8080/minio/logs/server"`,
			Type:        "url",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         AuthToken,
			Description: `opaque string or JWT authorization token`,
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         ClientCert,
			Description: "mTLS certificate for Logger Webhook authentication",
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         ClientKey,
			Description: "mTLS certificate key for Logger Webhook authentication",
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         QueueSize,
			Description: "configure channel queue size for Logger Webhook targets",
			Optional:    true,
			Type:        "number",
		},
		config.HelpKV{
			Key:         config.Comment,
			Description: config.DefaultComment,
			Optional:    true,
			Type:        "sentence",
		},
	}

	HelpWebhook = config.HelpKVS{
		config.HelpKV{
			Key:         config.Enable,
			Description: "set to 'on' to enable the audit logger",
			Optional:    true,
			Type:        "on|off",
			Sensitive:   false,
		},
		config.HelpKV{
			Key:         Endpoint,
			Description: `HTTP(s) endpoint e.g. "http://localhost:8080/minio/logs/audit"`,
			Type:        "url",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         AuthToken,
			Description: `opaque string or JWT authorization token`,
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         ClientCert,
			Description: "mTLS certificate for Audit Webhook authentication",
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         ClientKey,
			Description: "mTLS certificate key for Audit Webhook authentication",
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         QueueSize,
			Description: "configure channel queue size for Audit Webhook targets",
			Optional:    true,
			Type:        "number",
		},
		config.HelpKV{
			Key:         config.Comment,
			Description: config.DefaultComment,
			Optional:    true,
			Type:        "sentence",
		},
	}

	HelpKafka = config.HelpKVS{
		config.HelpKV{
			Key:         config.Enable,
			Description: "set to 'on' to enable kafka audit logging",
			Optional:    true,
			Type:        "on|off",
			Sensitive:   false,
		},
		config.HelpKV{
			Key:         KafkaBrokers,
			Description: "comma separated list of Kafka broker addresses",
			Type:        "csv",
		},
		config.HelpKV{
			Key:         KafkaTopic,
			Description: "Kafka topic used for bucket notifications",
			Optional:    true,
			Type:        "string",
		},
		config.HelpKV{
			Key:         KafkaSASLUsername,
			Description: "username for SASL/PLAIN or SASL/SCRAM authentication",
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         KafkaSASLPassword,
			Description: "password for SASL/PLAIN or SASL/SCRAM authentication",
			Optional:    true,
			Type:        "string",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         KafkaSASLMechanism,
			Description: "sasl authentication mechanism, default 'plain'",
			Optional:    true,
			Type:        "string",
		},
		config.HelpKV{
			Key:         KafkaTLSClientAuth,
			Description: "clientAuth determines the Kafka server's policy for TLS client auth",
			Optional:    true,
			Type:        "string",
		},
		config.HelpKV{
			Key:         KafkaSASL,
			Description: "set to 'on' to enable SASL authentication",
			Optional:    true,
			Type:        "on|off",
		},
		config.HelpKV{
			Key:         KafkaTLS,
			Description: "set to 'on' to enable TLS",
			Optional:    true,
			Type:        "on|off",
		},
		config.HelpKV{
			Key:         KafkaTLSSkipVerify,
			Description: `trust server TLS without verification, defaults to "on" (verify)`,
			Optional:    true,
			Type:        "on|off",
		},
		config.HelpKV{
			Key:         KafkaClientTLSCert,
			Description: "path to client certificate for mTLS auth",
			Optional:    true,
			Type:        "path",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         KafkaClientTLSKey,
			Description: "path to client key for mTLS auth",
			Optional:    true,
			Type:        "path",
			Sensitive:   true,
		},
		config.HelpKV{
			Key:         KafkaVersion,
			Description: "specify the version of the Kafka cluster",
			Optional:    true,
			Type:        "string",
		},
		config.HelpKV{
			Key:         config.Comment,
			Description: config.DefaultComment,
			Optional:    true,
			Type:        "sentence",
		},
	}
)

Help template for logger http and audit

View Source
var BodyPlaceHolder = []byte("<BODY>")

BodyPlaceHolder returns a dummy body placeholder

View Source
var ErrCritical struct{}

ErrCritical is the value panic'd whenever CriticalIf is called.

View Source
var ExitFunc = os.Exit

ExitFunc is called by Fatal() class functions, by default it calls os.Exit()

View Source
var MinimumLogLevel = InfoLvl

MinimumLogLevel holds the minimum logging level to print - info by default

Functions

func AddSystemTarget

func AddSystemTarget(t Target) error

AddSystemTarget adds a new logger target to the list of enabled loggers

func AuditLog

func AuditLog(ctx context.Context, w http.ResponseWriter, r *http.Request, reqClaims map[string]interface{}, filterKeys ...string)

AuditLog - logs audit logs to all audit targets.

func CriticalIf

func CriticalIf(ctx context.Context, err error, errKind ...interface{})

CriticalIf logs the provided error on the console. It fails the current go-routine by causing a `panic(ErrCritical)`.

func CurrentStats

func CurrentStats() map[string]types.TargetStats

CurrentStats returns the current statistics.

func EnableAnonymous

func EnableAnonymous()

EnableAnonymous - turns anonymous flag to avoid printing sensitive information.

func EnableJSON

func EnableJSON()

EnableJSON - outputs logs in json format.

func EnableQuiet

func EnableQuiet()

EnableQuiet - turns quiet option on.

func Error

func Error(msg string, data ...interface{})

Error :

func Fatal

func Fatal(err error, msg string, data ...interface{})

Fatal prints only fatal error message with no stack trace it will be called for input validation failures

func FatalIf

func FatalIf(err error, msg string, data ...interface{})

FatalIf is similar to Fatal() but it ignores passed nil error

func GetAuditEntry

func GetAuditEntry(ctx context.Context) *audit.Entry

GetAuditEntry returns Audit entry if set.

func Info

func Info(msg string, data ...interface{})

Info :

func Init

func Init(goPath string, goRoot string)

Init sets the trimStrings to possible GOPATHs and GOROOT directories. Also append github.com/minio/minio This is done to clean up the filename, when stack trace is displayed when an error happens.

func IsJSON

func IsJSON() bool

IsJSON - returns true if jsonFlag is true

func IsQuiet

func IsQuiet() bool

IsQuiet - returns true if quietFlag is true

func LogAlwaysIf

func LogAlwaysIf(ctx context.Context, err error, errKind ...interface{})

LogAlwaysIf prints a detailed error message during the execution of the server.

func LogIf

func LogIf(ctx context.Context, err error, errKind ...interface{})

LogIf prints a detailed error message during the execution of the server, if it is not an ignored error.

func LogOnceConsoleIf

func LogOnceConsoleIf(ctx context.Context, err error, id string, errKind ...interface{})

LogOnceConsoleIf - similar to LogOnceIf but exclusively only logs to console target.

func LogOnceIf

func LogOnceIf(ctx context.Context, err error, id string, errKind ...interface{})

LogOnceIf - Logs notification errors - once per error. id is a unique identifier for related log messages, refer to cmd/notification.go on how it is used.

func RegisterError

func RegisterError(f func(string, error, bool) string)

RegisterError registers the specified rendering function. This latter will be called for a pretty rendering of fatal errors.

func SetAuditEntry

func SetAuditEntry(ctx context.Context, audit *audit.Entry) context.Context

SetAuditEntry sets Audit info in the context.

func SetLoggerHTTP

func SetLoggerHTTP(scfg config.Config, k string, args http.Config)

SetLoggerHTTP helper for migrating older config to newer KV format.

func SetLoggerHTTPAudit

func SetLoggerHTTPAudit(scfg config.Config, k string, args http.Config)

SetLoggerHTTPAudit - helper for migrating older config to newer KV format.

func SetReqInfo

func SetReqInfo(ctx context.Context, req *ReqInfo) context.Context

SetReqInfo sets ReqInfo in the context.

func UpdateAuditKafkaTargets

func UpdateAuditKafkaTargets(cfg Config) error

UpdateAuditKafkaTargets swaps audit kafka targets with newly loaded ones from the cfg

func UpdateAuditWebhookTargets

func UpdateAuditWebhookTargets(cfg Config) error

UpdateAuditWebhookTargets swaps audit webhook targets with newly loaded ones from the cfg

func UpdateSystemTargets

func UpdateSystemTargets(cfg Config) error

UpdateSystemTargets swaps targets with newly loaded ones from the cfg

func ValidateSubSysConfig

func ValidateSubSysConfig(scfg config.Config, subSys string) error

ValidateSubSysConfig - validates logger related config of given sub-system

Types

type Config

type Config struct {
	Console      Console                 `json:"console"`
	HTTP         map[string]http.Config  `json:"http"`
	AuditWebhook map[string]http.Config  `json:"audit"`
	AuditKafka   map[string]kafka.Config `json:"audit_kafka"`
}

Config console and http logger targets

func LookupConfigForSubSys

func LookupConfigForSubSys(scfg config.Config, subSys string) (cfg Config, err error)

LookupConfigForSubSys - lookup logger config, override with ENVs if set, for the given sub-system

func NewConfig

func NewConfig() Config

NewConfig - initialize new logger config.

type Console

type Console struct {
	Enabled bool `json:"enabled"`
}

Console logger target

type KeyVal

type KeyVal struct {
	Key string
	Val interface{}
}

KeyVal - appended to ReqInfo.Tags

type LogLevel

type LogLevel int8

LogLevel type

func (LogLevel) String

func (level LogLevel) String() string

type LogOnce

type LogOnce func(ctx context.Context, err error, id string, errKind ...interface{})

LogOnce provides the function type for logger.LogOnceIf() function

type Logger

type Logger interface {
	// contains filtered or unexported methods
}

Logger interface describes the methods that need to be implemented to satisfy the interface requirements.

type ObjectVersion

type ObjectVersion struct {
	ObjectName string
	VersionID  string `json:"VersionId,omitempty"`
}

ObjectVersion object version key/versionId

type ReqInfo

type ReqInfo struct {
	RemoteHost   string           // Client Host/IP
	Host         string           // Node Host/IP
	UserAgent    string           // User Agent
	DeploymentID string           // x-minio-deployment-id
	RequestID    string           // x-amz-request-id
	API          string           // API name - GetObject PutObject NewMultipartUpload etc.
	BucketName   string           `json:",omitempty"` // Bucket name
	ObjectName   string           `json:",omitempty"` // Object name
	VersionID    string           `json:",omitempty"` // corresponding versionID for the object
	Objects      []ObjectVersion  `json:",omitempty"` // Only set during MultiObject delete handler.
	Cred         auth.Credentials `json:"-"`
	Region       string           `json:"-"`
	Owner        bool             `json:"-"`
	AuthType     string           `json:"-"`

	sync.RWMutex
	// contains filtered or unexported fields
}

ReqInfo stores the request info. Reading/writing directly to struct requires appropriate R/W lock.

func GetReqInfo

func GetReqInfo(ctx context.Context) *ReqInfo

GetReqInfo returns ReqInfo if set.

func NewReqInfo

func NewReqInfo(remoteHost, userAgent, deploymentID, requestID, api, bucket, object string) *ReqInfo

NewReqInfo :

func (*ReqInfo) AppendTags

func (r *ReqInfo) AppendTags(key string, val interface{}) *ReqInfo

AppendTags - appends key/val to ReqInfo.tags

func (*ReqInfo) GetTags

func (r *ReqInfo) GetTags() []KeyVal

GetTags - returns the user defined tags

func (*ReqInfo) GetTagsMap

func (r *ReqInfo) GetTagsMap() map[string]interface{}

GetTagsMap - returns the user defined tags in a map structure

func (*ReqInfo) SetTags

func (r *ReqInfo) SetTags(key string, val interface{}) *ReqInfo

SetTags - sets key/val to ReqInfo.tags

type ResponseWriter

type ResponseWriter struct {
	http.ResponseWriter
	StatusCode int
	// Log body of 4xx or 5xx responses
	LogErrBody bool
	// Log body of all responses
	LogAllBody bool

	TimeToFirstByte time.Duration
	StartTime       time.Time
	// contains filtered or unexported fields
}

ResponseWriter - is a wrapper to trap the http response status code.

func NewResponseWriter

func NewResponseWriter(w http.ResponseWriter) *ResponseWriter

NewResponseWriter - returns a wrapped response writer to trap http status codes for auditing purposes.

func (*ResponseWriter) Body

func (lrw *ResponseWriter) Body() []byte

Body - Return response body.

func (*ResponseWriter) Flush

func (lrw *ResponseWriter) Flush()

Flush - Calls the underlying Flush.

func (*ResponseWriter) HeaderSize

func (lrw *ResponseWriter) HeaderSize() int

HeaderSize - returns the number of bytes of response headers written

func (*ResponseWriter) Size

func (lrw *ResponseWriter) Size() int

Size - returns the number of bytes written

func (*ResponseWriter) Write

func (lrw *ResponseWriter) Write(p []byte) (int, error)

func (*ResponseWriter) WriteHeader

func (lrw *ResponseWriter) WriteHeader(code int)

WriteHeader - writes http status code

type Target

type Target interface {
	String() string
	Endpoint() string
	Stats() types.TargetStats
	Init() error
	Cancel()
	Send(entry interface{}) error
	Type() types.TargetType
}

Target is the entity that we will receive a single log entry and Send it to the log target

e.g. Send the log to a http server

func AuditTargets

func AuditTargets() []Target

AuditTargets returns active audit targets. Returned slice may not be modified in any way.

func SystemTargets

func SystemTargets() []Target

SystemTargets returns active targets. Returned slice may not be modified in any way.

Directories

Path Synopsis
message
log
target

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL