yumapro
24.10-3
YumaPro SDK
|
The Audit Log Manager generates events for the security audit log. More...
Functions | |
void | agt_audit_handle_edit_record (op_editop_t editop, ses_cb_t *scb, rpc_msg_t *msg, val_value_t *curnode_clone, val_value_t *newnode, val_value_t *curnode) |
Create and store a change-audit record, if needed. More... | |
void | agt_audit_handle_update_startup (ses_cb_t *scb, rpc_msg_t *msg, const xmlChar *sourcetype, const xmlChar *sourcename) |
Create and store an update-startup audit record, if needed. More... | |
void | agt_audit_handle_start_session (ses_cb_t *scb) |
Generate a start (client or control) session event if enabled. More... | |
void | agt_audit_handle_end_session (ses_cb_t *scb, ses_term_reason_t termreason, ses_id_t killedby) |
Generate an end (client or control) session event if enabled. More... | |
void | agt_audit_handle_acm_write_error (const xmlChar *user, val_value_t *val, op_editop_t editop) |
Generate an acm-write-error event if enabled. More... | |
void | agt_audit_handle_acm_exec_error (const xmlChar *user, const xmlChar *modname, const xmlChar *rpcname) |
Generate an acm-exec-error event if enabled. More... | |
void | agt_audit_handle_rpc_summary (ses_cb_t *scb, rpc_msg_t *msg) |
Create and store an rpc-summary event audit record, if needed. More... | |
uint32 | agt_audit_cvt_log_events (val_value_t *val, status_t *res) |
Get the binary bits from the YANG bits value. More... | |
boolean | agt_audit_log_edit_candidate (void) |
Check if <candidate> edit events are being collected. More... | |
boolean | agt_audit_log_edit_running (void) |
Check if <running> edit events are being collected. More... | |
boolean | agt_audit_log_update_startup (void) |
Check if <startup> update events are being collected. More... | |
boolean | agt_audit_log_client_session (void) |
Check if client session events are being collected. More... | |
boolean | agt_audit_log_control_session (void) |
Check if control session events are being collected. More... | |
boolean | agt_audit_log_nacm_write_error (void) |
Check if NACM write-access errors are being collected. More... | |
boolean | agt_audit_log_nacm_exec_error (void) |
Check if NACM exec-access errors are being collected. More... | |
boolean | agt_audit_log_rpc_summary (void) |
Check if RPC summary events are being collected. More... | |
boolean | agt_audit_log_edit_data (void) |
Check if edit-data events are being collected. More... | |
boolean | agt_audit_log_rpc_error (void) |
Check if rpc-error events are being collected. More... | |
The Audit Log Manager generates events for the security audit log.
The events are configured through the –audit-log-events parameter.
This audit log is not enabled at all unless the –audit-log parameter is configured in the server.
uint32 agt_audit_cvt_log_events | ( | val_value_t * | val, |
status_t * | res | ||
) |
Get the binary bits from the YANG bits value.
val | value struct with the CLI parameter | |
[out] | res | address of return status; *res return status |
void agt_audit_handle_acm_exec_error | ( | const xmlChar * | user, |
const xmlChar * | modname, | ||
const xmlChar * | rpcname | ||
) |
Generate an acm-exec-error event if enabled.
user | the user name |
modname | the RPC module name |
rpcname | the RPC method name |
void agt_audit_handle_acm_write_error | ( | const xmlChar * | user, |
val_value_t * | val, | ||
op_editop_t | editop | ||
) |
Generate an acm-write-error event if enabled.
user | the user name |
val | the value node that got an access-denied error |
editop | the edit operation enum |
void agt_audit_handle_edit_record | ( | op_editop_t | editop, |
ses_cb_t * | scb, | ||
rpc_msg_t * | msg, | ||
val_value_t * | curnode_clone, | ||
val_value_t * | newnode, | ||
val_value_t * | curnode | ||
) |
Create and store a change-audit record, if needed.
this function generates a log message if log level set to LOG_INFO or higher; An audit record for a sysConfigChange event is also generated
editop | edit operation requested |
scb | session control block |
msg | RPC message in progress |
curnode_clone | value to display for deletes |
newnode | top new value node involved in edit |
curnode | top cur value node involved in edit |
void agt_audit_handle_end_session | ( | ses_cb_t * | scb, |
ses_term_reason_t | termreason, | ||
ses_id_t | killedby | ||
) |
Generate an end (client or control) session event if enabled.
scb | session control block |
termreason | enum for the session end reason |
killedby | session ID (relevant if reason=killed) |
Create and store an rpc-summary event audit record, if needed.
scb | session changing the startup datastore |
msg | request message |
void agt_audit_handle_start_session | ( | ses_cb_t * | scb | ) |
Generate a start (client or control) session event if enabled.
scb | session control block |
void agt_audit_handle_update_startup | ( | ses_cb_t * | scb, |
rpc_msg_t * | msg, | ||
const xmlChar * | sourcetype, | ||
const xmlChar * | sourcename | ||
) |
Create and store an update-startup audit record, if needed.
scb | session changing the startup datastore |
msg | request message |
sourcetype | source of update |
sourcename | name of update source |
boolean agt_audit_log_client_session | ( | void | ) |
Check if client session events are being collected.
boolean agt_audit_log_control_session | ( | void | ) |
Check if control session events are being collected.
boolean agt_audit_log_edit_candidate | ( | void | ) |
Check if <candidate> edit events are being collected.
boolean agt_audit_log_edit_data | ( | void | ) |
Check if edit-data events are being collected.
boolean agt_audit_log_edit_running | ( | void | ) |
Check if <running> edit events are being collected.
boolean agt_audit_log_nacm_exec_error | ( | void | ) |
Check if NACM exec-access errors are being collected.
boolean agt_audit_log_nacm_write_error | ( | void | ) |
Check if NACM write-access errors are being collected.
boolean agt_audit_log_rpc_error | ( | void | ) |
Check if rpc-error events are being collected.
boolean agt_audit_log_rpc_summary | ( | void | ) |
Check if RPC summary events are being collected.
boolean agt_audit_log_update_startup | ( | void | ) |
Check if <startup> update events are being collected.