The Audit Log Manager generates events for the security audit log.
More...
|
void | agt_audit_handle_edit_record (op_editop_t editop, ses_cb_t *scb, rpc_msg_t *msg, val_value_t *curnode_clone, val_value_t *newnode, val_value_t *curnode) |
| Create and store a change-audit record, if needed. More...
|
|
void | agt_audit_handle_update_startup (ses_cb_t *scb, rpc_msg_t *msg, const xmlChar *sourcetype, const xmlChar *sourcename) |
| Create and store an update-startup audit record, if needed. More...
|
|
void | agt_audit_handle_start_session (ses_cb_t *scb) |
| Generate a start (client or control) session event if enabled. More...
|
|
void | agt_audit_handle_end_session (ses_cb_t *scb, ses_term_reason_t termreason, ses_id_t killedby) |
| Generate an end (client or control) session event if enabled. More...
|
|
void | agt_audit_handle_acm_write_error (const xmlChar *user, val_value_t *val, op_editop_t editop) |
| Generate an acm-write-error event if enabled. More...
|
|
void | agt_audit_handle_acm_exec_error (const xmlChar *user, const xmlChar *modname, const xmlChar *rpcname) |
| Generate an acm-exec-error event if enabled. More...
|
|
void | agt_audit_handle_rpc_summary (ses_cb_t *scb, rpc_msg_t *msg) |
| Create and store an rpc-summary event audit record, if needed. More...
|
|
uint32 | agt_audit_cvt_log_events (val_value_t *val, status_t *res) |
| Get the binary bits from the YANG bits value. More...
|
|
boolean | agt_audit_log_edit_candidate (void) |
| Check if <candidate> edit events are being collected. More...
|
|
boolean | agt_audit_log_edit_running (void) |
| Check if <running> edit events are being collected. More...
|
|
boolean | agt_audit_log_update_startup (void) |
| Check if <startup> update events are being collected. More...
|
|
boolean | agt_audit_log_client_session (void) |
| Check if client session events are being collected. More...
|
|
boolean | agt_audit_log_control_session (void) |
| Check if control session events are being collected. More...
|
|
boolean | agt_audit_log_nacm_write_error (void) |
| Check if NACM write-access errors are being collected. More...
|
|
boolean | agt_audit_log_nacm_exec_error (void) |
| Check if NACM exec-access errors are being collected. More...
|
|
boolean | agt_audit_log_rpc_summary (void) |
| Check if RPC summary events are being collected. More...
|
|
boolean | agt_audit_log_edit_data (void) |
| Check if edit-data events are being collected. More...
|
|
The Audit Log Manager generates events for the security audit log.
The events are configured through the –audit-log-events parameter.
This audit log is not enabled at all unless the –audit-log parameter is configured in the server.
◆ agt_audit_cvt_log_events()
Get the binary bits from the YANG bits value.
- Parameters
-
| val | value struct with the CLI parameter |
[out] | res | address of return status; *res return status |
- Returns
- bits for the events found (if *res == NO_ERR)
◆ agt_audit_handle_acm_exec_error()
void agt_audit_handle_acm_exec_error |
( |
const xmlChar * |
user, |
|
|
const xmlChar * |
modname, |
|
|
const xmlChar * |
rpcname |
|
) |
| |
Generate an acm-exec-error event if enabled.
- Parameters
-
user | the user name |
modname | the RPC module name |
rpcname | the RPC method name |
◆ agt_audit_handle_acm_write_error()
Generate an acm-write-error event if enabled.
- Parameters
-
user | the user name |
val | the value node that got an access-denied error |
editop | the edit operation enum |
◆ agt_audit_handle_edit_record()
Create and store a change-audit record, if needed.
this function generates a log message if log level set to LOG_INFO or higher; An audit record for a sysConfigChange event is also generated
- Parameters
-
editop | edit operation requested |
scb | session control block |
msg | RPC message in progress |
curnode_clone | value to display for deletes |
newnode | top new value node involved in edit |
curnode | top cur value node involved in edit |
◆ agt_audit_handle_end_session()
Generate an end (client or control) session event if enabled.
- Parameters
-
scb | session control block |
termreason | enum for the session end reason |
killedby | session ID (relevant if reason=killed) |
◆ agt_audit_handle_rpc_summary()
Create and store an rpc-summary event audit record, if needed.
- Parameters
-
scb | session changing the startup datastore |
msg | request message |
◆ agt_audit_handle_start_session()
void agt_audit_handle_start_session |
( |
ses_cb_t * |
scb | ) |
|
Generate a start (client or control) session event if enabled.
- Parameters
-
◆ agt_audit_handle_update_startup()
void agt_audit_handle_update_startup |
( |
ses_cb_t * |
scb, |
|
|
rpc_msg_t * |
msg, |
|
|
const xmlChar * |
sourcetype, |
|
|
const xmlChar * |
sourcename |
|
) |
| |
Create and store an update-startup audit record, if needed.
- Parameters
-
scb | session changing the startup datastore |
msg | request message |
sourcetype | source of update |
sourcename | name of update source |
◆ agt_audit_log_client_session()
boolean agt_audit_log_client_session |
( |
void |
| ) |
|
Check if client session events are being collected.
- Returns
- TRUE if client session events being collected
◆ agt_audit_log_control_session()
boolean agt_audit_log_control_session |
( |
void |
| ) |
|
Check if control session events are being collected.
- Returns
- TRUE if control session events being collected
◆ agt_audit_log_edit_candidate()
boolean agt_audit_log_edit_candidate |
( |
void |
| ) |
|
Check if <candidate> edit events are being collected.
- Returns
- TRUE if <candidate> edit events being collected
◆ agt_audit_log_edit_data()
boolean agt_audit_log_edit_data |
( |
void |
| ) |
|
Check if edit-data events are being collected.
- Returns
- TRUE if edit-data should be added to edit events
◆ agt_audit_log_edit_running()
boolean agt_audit_log_edit_running |
( |
void |
| ) |
|
Check if <running> edit events are being collected.
- Returns
- TRUE if <running> edit events being collected
◆ agt_audit_log_nacm_exec_error()
boolean agt_audit_log_nacm_exec_error |
( |
void |
| ) |
|
Check if NACM exec-access errors are being collected.
- Returns
- TRUE if NACM exec events being collected
◆ agt_audit_log_nacm_write_error()
boolean agt_audit_log_nacm_write_error |
( |
void |
| ) |
|
Check if NACM write-access errors are being collected.
- Returns
- TRUE if NACM write events being collected
◆ agt_audit_log_rpc_summary()
boolean agt_audit_log_rpc_summary |
( |
void |
| ) |
|
Check if RPC summary events are being collected.
- Returns
- TRUE if RPC summary events being collected
◆ agt_audit_log_update_startup()
boolean agt_audit_log_update_startup |
( |
void |
| ) |
|
Check if <startup> update events are being collected.
- Returns
- TRUE if <startup> update events being collected