security/audit/auditor.go - release.go.x.ref - Git at Google

 // Package audit provides mechanisms to write method invocations to an audit log.
 //
 // Typical use would be for tracking sensitive operations like private key usage (NewPrincipal),
 // or sensitive RPC method invocations.
 package audit

 import (
 	"fmt"
 	"strings"
 	"time"
 )

 // Auditor is the interface for writing auditable events.
 type Auditor interface {
 	Audit(entry Entry) error
 }

 // Entry is the information logged on each auditable event.
 type Entry struct {
 	// Method being invoked.
 	Method string
 	// Arguments to the method.
 	// Any sensitive data in the arguments should not be included,
 	// even if the argument was provided to the real method invocation.
 	Arguments []interface{}
 	// Result of the method invocation.
 	// A common use case is to audit only successful method invocations.
 	Results []interface{}

 	// Timestamp of method invocation.
 	Timestamp time.Time
 }

 func (e Entry) String() string {
 	return fmt.Sprintf("%v: %s(%s)%s", e.Timestamp.Format(time.RFC3339), e.Method, join(e.Arguments, "", ""), join(e.Results, " = (", ")"))
 }

 func join(elems []interface{}, prefix, suffix string) string {
 	switch len(elems) {
 	case 0:
 		return ""
 	case 1:
 		return fmt.Sprintf("%s%v%s", prefix, elems[0], suffix)
 	}
 	strs := make([]string, len(elems))
 	for i, e := range elems {
 		strs[i] = fmt.Sprintf("%v", e)
 	}
 	return prefix + strings.Join(strs, ", ") + suffix
 }
	// Package audit provides mechanisms to write method invocations to an audit log.
	//
	// Typical use would be for tracking sensitive operations like private key usage (NewPrincipal),
	// or sensitive RPC method invocations.
	package audit

	import (
	"fmt"
	"strings"
	"time"
	)

	// Auditor is the interface for writing auditable events.
	type Auditor interface {
	Audit(entry Entry) error
	}

	// Entry is the information logged on each auditable event.
	type Entry struct {
	// Method being invoked.
	Method string
	// Arguments to the method.
	// Any sensitive data in the arguments should not be included,
	// even if the argument was provided to the real method invocation.
	Arguments []interface{}
	// Result of the method invocation.
	// A common use case is to audit only successful method invocations.
	Results []interface{}

	// Timestamp of method invocation.
	Timestamp time.Time
	}

	func (e Entry) String() string {
	return fmt.Sprintf("%v: %s(%s)%s", e.Timestamp.Format(time.RFC3339), e.Method, join(e.Arguments, "", ""), join(e.Results, " = (", ")"))
	}

	func join(elems []interface{}, prefix, suffix string) string {
	switch len(elems) {
	case 0:
	return ""
	case 1:
	return fmt.Sprintf("%s%v%s", prefix, elems[0], suffix)
	}
	strs := make([]string, len(elems))
	for i, e := range elems {
	strs[i] = fmt.Sprintf("%v", e)
	}
	return prefix + strings.Join(strs, ", ") + suffix
	}