Log4rAuditor

This gem provides the log4r auditor that can be plugged into the SOAR architecture.

Installation

Add this line to your application's Gemfile:

gem 'log4r_auditor'

And then execute:

$ bundle

Or install it yourself as:

$ gem install log4r_auditor

Testing

Behavioural driven testing can be performed by testing so:

$ bundle exec rspec -cfd spec/*

Usage

Initialize and configure the auditor so:

@iut = Log4rAuditor::Log4rAuditor.new
@log4r_configuration = { 'file_name' => 'logfile',
                         'standard_stream' => 'stdout' }
@iut.configure(@log4r_configuration)

Audit using the API methods inherited from SoarAuditorApi::AuditorAPI, e.g.:

@iut.warn("This is a test event")

Detailed example

require 'soar_auditing_format'
require 'time'
require 'securerandom'
require "log4r_auditor"

class Main
  def test_sanity
    @iut = Log4rAuditor::Log4rAuditor.new
    @log4r_configuration = { 'file_name' => 'logfile',
                             'standard_stream' => 'stdout' }
    @iut.configure(@log4r_configuration)
    @iut.set_audit_level(:debug)

    my_optional_operation_field = SoarAuditingFormatter::Formatter.optional_field_format("operation", "Http.Get")
    my_optional_method_name_field = SoarAuditingFormatter::Formatter.optional_field_format("method", "#{self.class}::#{__method__}::#{__LINE__}")
    @iut.debug(SoarAuditingFormatter::Formatter.format(:debug,'my-sanity-service-id',SecureRandom.hex(32),Time.now.iso8601(3),"#{my_optional_method_name_field}#{my_optional_operation_field} test message with optional fields"))
  end
end

main = Main.new
main.test_sanity

Contributing

Bug reports and feature requests are welcome by email to barney dot de dot villiers at hetzner dot co dot za. This gem is sponsored by Hetzner (Pty) Ltd (http://hetzner.co.za)

License

The gem is available as open source under the terms of the MIT License.