Merge pull request #11695 from HJianBo/audit-logs-from

2023-09-28 13:50:55 +08:00 · 2023-09-28 13:50:55 +08:00 · 69207b7a63
parent ece7d5b52a 6d2adfc259
commit 69207b7a63
7 changed files with 15 additions and 16 deletions
--- a/apps/emqx/include/logger.hrl
+++ b/apps/emqx/include/logger.hrl
@ -61,7 +61,7 @@
    )
 end).

-define(AUDIT(_Level_, _Msg_, _Meta_), begin
+-define(AUDIT(_Level_, _From_, _Meta_), begin
    case emqx_config:get([log, audit], #{enable => false}) of
        #{enable := false} ->
            ok;
@ -71,8 +71,8 @@ end).
                    emqx_trace:log(
                        _Level_,
                        [{emqx_audit, fun(L, _) -> L end, undefined, undefined}],
-                        {report, _Msg_},
-                        _Meta_
+                        _Msg = undefined,
+                        _Meta_#{from => _From_}
                    );
                gt ->
                    ok
--- a/apps/emqx/src/emqx_logger_jsonfmt.erl
+++ b/apps/emqx/src/emqx_logger_jsonfmt.erl
@ -93,6 +93,8 @@ format(Msg, Meta, Config) ->
        end,
    emqx_utils_json:encode(json_obj_root(Data, Config)).

+maybe_format_msg(undefined, _Meta, _Config) ->
+    #{};
 maybe_format_msg({report, Report} = Msg, #{report_cb := Cb} = Meta, Config) ->
    case is_map(Report) andalso Cb =:= ?DEFAULT_FORMATTER of
        true ->
--- a/apps/emqx_ctl/src/emqx_ctl.erl
+++ b/apps/emqx_ctl/src/emqx_ctl.erl
@ -145,7 +145,7 @@ run_command(Cmd, Args) when is_atom(Cmd) ->

    audit_log(
        audit_level(Result, Duration),
-        "from_cli",
+        cli,
        #{duration_ms => Duration, cmd => Cmd, args => Args, node => node()}
    ),
    Result.
--- a/apps/emqx_dashboard/src/emqx_dashboard_audit.erl
+++ b/apps/emqx_dashboard/src/emqx_dashboard_audit.erl
@ -25,23 +25,19 @@ log(Meta0) ->
    Duration = erlang:convert_time_unit(ReqEnd - ReqStart, native, millisecond),
    Level = level(Method, Code, Duration),
    Username = maps:get(username, Meta0, <<"">>),
+    From = from(maps:get(auth_type, Meta0, "")),
    Meta1 = maps:without([req_start, req_end], Meta0),
    Meta2 = Meta1#{time => logger:timestamp(), duration_ms => Duration},
    Meta = emqx_utils:redact(Meta2),
    ?AUDIT(
        Level,
-        "from_api",
-        Meta#{
-            from => from(maps:get(auth_type, Meta0, "")),
-            username => binary_to_list(Username),
-            node => node()
-        }
+        From,
+        Meta#{username => binary_to_list(Username), node => node()}
    ),
    ok.

 from(jwt_token) -> "dashboard";
-from(api_key) -> "aip_key";
-from(_) -> "unauthorized".
+from(_) -> "rest_api".

 level(get, _Code, _) -> debug;
 level(_, Code, _) when Code >= 200 andalso Code < 300 -> info;
--- a/apps/emqx_machine/src/emqx_machine_boot.erl
+++ b/apps/emqx_machine/src/emqx_machine_boot.erl
@ -47,7 +47,7 @@ post_boot() ->
    ok = ensure_apps_started(),
    ok = print_vsn(),
    ok = start_autocluster(),
-    ?AUDIT(alert, "from_cli", #{time => logger:timestamp(), event => "emqx_start"}),
+    ?AUDIT(alert, cli, #{time => logger:timestamp(), event => "emqx_start"}),
    ignore.

 -ifdef(TEST).
--- a/apps/emqx_machine/src/emqx_machine_terminator.erl
+++ b/apps/emqx_machine/src/emqx_machine_terminator.erl
@ -67,8 +67,9 @@ graceful() ->

 %% @doc Shutdown the Erlang VM and wait indefinitely.
 graceful_wait() ->
-    ?AUDIT(alert, "from_cli", #{
-        time => logger:timestamp(), msg => "run_emqx_stop_to_grace_shutdown"
+    ?AUDIT(alert, cli, #{
+        time => logger:timestamp(),
+        event => emqx_gracefully_stop
    }),
    ok = graceful(),
    exit_loop().
--- a/apps/emqx_machine/src/emqx_restricted_shell.erl
+++ b/apps/emqx_machine/src/emqx_restricted_shell.erl
@ -112,7 +112,7 @@ max_heap_size_warning(MF, Args) ->
 log(_, {?MODULE, prompt_func}, [[{history, _}]]) ->
    ok;
 log(IsAllow, MF, Args) ->
-    ?AUDIT(warning, "from_remote_console", #{
+    ?AUDIT(warning, erlang_console, #{
        time => logger:timestamp(),
        function => MF,
        args => pp_args(Args),