15.2.3. Audit log¶
15.2.3.1. Base class¶
-
class
privacyidea.lib.auditmodules.base.
Audit
(config=None)[source]¶ -
-
audit_entry_to_dict
(audit_entry)[source]¶ If the search_query returns an iterator with elements that are not a dictionary, the audit module needs to provide this function, to convert the audit entry to a dictionary.
-
csv_generator
(param=None, user=None, timelimit=None)[source]¶ A generator that can be used to stream the audit log
Parameters: param – Returns:
-
finalize_log
()[source]¶ This method is called to finalize the audit_data. I.e. sign the data and write it to the database. It should hash the data and do a hash chain and sign the data
-
get_count
(search_dict, timedelta=None, success=None)[source]¶ Returns the number of found log entries. E.g. used for checking the timelimit.
Parameters: param – List of filter parameters Returns: number of found entries
-
get_dataframe
(start_time=datetime.datetime(2019, 1, 30, 9, 22, 24, 464249), end_time=datetime.datetime(2019, 2, 6, 9, 22, 24, 464279))[source]¶ The Audit module can handle its data the best. This function is used to return a pandas.dataframe with all audit data in the given time frame.
This dataframe then can be used for extracting statistics.
Parameters: - start_time (datetime) – The start time of the data
- end_time (datetime) – The end time of the data
Returns: Audit data
Return type: dataframe
-
get_total
(param, AND=True, display_error=True)[source]¶ This method returns the total number of audit entries in the audit store
-
initialize_log
(param)[source]¶ This method initialized the log state. The fact, that the log state was initialized, also needs to be logged. Therefor the same params are passed as i the log method.
-
log
(param)[source]¶ This method is used to log the data. During a request this method can be called several times to fill the internal audit_data dictionary.
-
log_token_num
(count)[source]¶ Log the number of the tokens. Can be passed like log_token_num(get_tokens(count=True))
Parameters: count (int) – Number of tokens Returns:
-
read_keys
(pub, priv)[source]¶ Set the private and public key for the audit class. This is achieved by passing the entries.
#priv = config.get(“privacyideaAudit.key.private”) #pub = config.get(“privacyideaAudit.key.public”)
Parameters: - pub (string with filename) – Public key, used for verifying the signature
- priv (string with filename) – Private key, used to sign the audit entry
Returns: None
-
15.2.3.2. SQL Audit module¶
-
class
privacyidea.lib.auditmodules.sqlaudit.
Audit
(config=None)[source]¶ This is the SQLAudit module, which writes the audit entries to an SQL database table. It requires the configuration parameters. PI_AUDIT_SQL_URI
-
clear
()[source]¶ Deletes all entries in the database table. This is only used for test cases! :return:
-
csv_generator
(param=None, user=None, timelimit=None)[source]¶ Returns the audit log as csv file. :param timelimit: Limit the number of dumped entries by time :type timelimit: datetime.timedelta :param param: The request parameters :type param: dict :param user: The user, who issued the request :return: None. It yields results as a generator
-
finalize_log
()[source]¶ This method is used to log the data. It should hash the data and do a hash chain and sign the data
-
get_dataframe
(start_time=datetime.datetime(2019, 1, 30, 9, 22, 24, 608589), end_time=datetime.datetime(2019, 2, 6, 9, 22, 24, 608614))[source]¶ The Audit module can handle its data the best. This function is used to return a pandas.dataframe with all audit data in the given time frame.
This dataframe then can be used for extracting statistics.
Parameters: - start_time (datetime) – The start time of the data
- end_time (datetime) – The end time of the data
Returns: Audit data
Return type: dataframe
-
get_total
(param, AND=True, display_error=True, timelimit=None)[source]¶ This method returns the total number of audit entries in the audit store
-
log
(param)[source]¶ Add new log details in param to the internal log data self.audit_data.
Parameters: param (dict) – Log data that is to be added Returns: None
-
read_keys
(pub, priv)[source]¶ Set the private and public key for the audit class. This is achieved by passing the entries.
#priv = config.get(“privacyideaAudit.key.private”) #pub = config.get(“privacyideaAudit.key.public”)
Parameters: - pub (string with filename) – Public key, used for verifying the signature
- priv (string with filename) – Private key, used to sign the audit entry
Returns: None
-