Andreas/evennia
1
0
Fork 0
mirror of https://github.com/evennia/evennia.git synced 2026-04-04 06:57:16 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
evennia/docs/1.0-dev/api/evennia.contrib.security.auditing.html

264 lines
16 KiB
HTML
Raw Normal View History

Updated HTML docs
2020-06-13 00:36:45 +02:00
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title>evennia.contrib.security.auditing package &#8212; Evennia 1.0-dev documentation</title>
<link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
<script id="documentation_options" data-url_root="../" src="../_static/documentation_options.js"></script>
<script src="../_static/jquery.js"></script>
<script src="../_static/underscore.js"></script>
<script src="../_static/doctools.js"></script>
<script src="../_static/language_data.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="stylesheet" href="../_static/custom.css" type="text/css" />
<meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
</head><body>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<div class="section" id="module-evennia.contrib.security.auditing">
<span id="evennia-contrib-security-auditing-package"></span><h1>evennia.contrib.security.auditing package<a class="headerlink" href="#module-evennia.contrib.security.auditing" title="Permalink to this headline"></a></h1>
<div class="section" id="submodules">
<h2>Submodules<a class="headerlink" href="#submodules" title="Permalink to this headline"></a></h2>
</div>
<div class="section" id="module-evennia.contrib.security.auditing.outputs">
<span id="evennia-contrib-security-auditing-outputs-module"></span><h2>evennia.contrib.security.auditing.outputs module<a class="headerlink" href="#module-evennia.contrib.security.auditing.outputs" title="Permalink to this headline"></a></h2>
<p>Auditable Server Sessions - Example Outputs
Example methods demonstrating output destinations for logs generated by
audited server sessions.</p>
<p>This is designed to be a single source of events for developers to customize
and add any additional enhancements before events are written out i.e. if you
want to keep a running list of what IPs a user logs in from on account/character
objects, or if you want to perform geoip or ASN lookups on IPs before committing,
or tag certain events with the results of a reputational lookup, this should be
the easiest place to do it. Write a method and invoke it via
<cite>settings.AUDIT_CALLBACK</cite> to have log data objects passed to it.</p>
<p>Evennia contribution - Johnny 2017</p>
<dl class="function">
<dt id="evennia.contrib.security.auditing.outputs.to_file">
<code class="sig-prename descclassname">evennia.contrib.security.auditing.outputs.</code><code class="sig-name descname">to_file</code><span class="sig-paren">(</span><em class="sig-param">data</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/outputs.html#to_file"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.outputs.to_file" title="Permalink to this definition"></a></dt>
<dd><p>Writes dictionaries of data generated by an AuditedServerSession to files
in JSON format, bucketed by date.</p>
<p>Uses Evennias native logger and writes to the default
log directory (~/yourgame/server/logs/ or settings.LOG_DIR)</p>
<dl class="field-list simple">
<dt class="field-odd">Parameters</dt>
<dd class="field-odd"><p><strong>data</strong> (<em>dict</em>) Parsed session transmission data.</p>
</dd>
</dl>
</dd></dl>
<dl class="function">
<dt id="evennia.contrib.security.auditing.outputs.to_syslog">
<code class="sig-prename descclassname">evennia.contrib.security.auditing.outputs.</code><code class="sig-name descname">to_syslog</code><span class="sig-paren">(</span><em class="sig-param">data</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/outputs.html#to_syslog"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.outputs.to_syslog" title="Permalink to this definition"></a></dt>
<dd><p>Writes dictionaries of data generated by an AuditedServerSession to syslog.</p>
<p>Takes advantage of your systems native logger and writes to wherever
you have it configured, which is independent of Evennia.
Linux systems tend to write to /var/log/syslog.</p>
<p>If youre running rsyslog, you can configure it to dump and/or forward logs
to disk and/or an external data warehouse (recommended if your server is
compromised or taken down, losing your logs along with it is no help!).</p>
<dl class="field-list simple">
<dt class="field-odd">Parameters</dt>
<dd class="field-odd"><p><strong>data</strong> (<em>dict</em>) Parsed session transmission data.</p>
</dd>
</dl>
</dd></dl>
</div>
<div class="section" id="module-evennia.contrib.security.auditing.server">
<span id="evennia-contrib-security-auditing-server-module"></span><h2>evennia.contrib.security.auditing.server module<a class="headerlink" href="#module-evennia.contrib.security.auditing.server" title="Permalink to this headline"></a></h2>
<p>Auditable Server Sessions:
Extension of the stock ServerSession that yields objects representing
user inputs and system outputs.</p>
<p>Evennia contribution - Johnny 2017</p>
<dl class="class">
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession">
<em class="property">class </em><code class="sig-prename descclassname">evennia.contrib.security.auditing.server.</code><code class="sig-name descname">AuditedServerSession</code><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession" title="Permalink to this definition"></a></dt>
<dd><p>Bases: <a class="reference internal" href="evennia.server.html#evennia.server.serversession.ServerSession" title="evennia.server.serversession.ServerSession"><code class="xref py py-class docutils literal notranslate"><span class="pre">evennia.server.serversession.ServerSession</span></code></a></p>
<p>This particular implementation parses all server inputs and/or outputs and
passes a dict containing the parsed metadata to a callback method of your
creation. This is useful for recording player activity where necessary for
security auditing, usage analysis or post-incident forensic discovery.</p>
<p><strong>* WARNING *</strong>
All strings are recorded and stored in plaintext. This includes those strings
which might contain sensitive data (create, connect, &#64;password). These commands
have their arguments masked by default, but you must mask or mask any
custom commands of your own that handle sensitive information.</p>
<p>See README.md for installation/configuration instructions.</p>
<dl class="method">
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.audit">
<code class="sig-name descname">audit</code><span class="sig-paren">(</span><em class="sig-param">**kwargs</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.audit"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.audit" title="Permalink to this definition"></a></dt>
<dd><p>Extracts messages and system data from a Session object upon message
send or receive.</p>
<dl>
<dt>Kwargs:</dt><dd><p>src (str): Source of data; client or server. Indicates direction.
text (str or list): Client sends messages to server in the form of</p>
<blockquote>
<div><p>lists. Server sends messages to client as string.</p>
</div></blockquote>
</dd>
</dl>
<dl class="field-list simple">
<dt class="field-odd">Returns</dt>
<dd class="field-odd"><p><dl class="simple">
<dt>Dictionary object containing parsed system and user data</dt><dd><p>related to this message.</p>
</dd>
</dl>
</p>
</dd>
<dt class="field-even">Return type</dt>
<dd class="field-even"><p>log (dict)</p>
</dd>
</dl>
</dd></dl>
<dl class="method">
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.data_in">
<code class="sig-name descname">data_in</code><span class="sig-paren">(</span><em class="sig-param">**kwargs</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.data_in"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.data_in" title="Permalink to this definition"></a></dt>
<dd><p>Hook for protocols to send incoming data to the engine.</p>
<dl class="simple">
<dt>Kwargs:</dt><dd><p>kwargs (any): Other data from the protocol.</p>
</dd>
</dl>
</dd></dl>
<dl class="method">
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.data_out">
<code class="sig-name descname">data_out</code><span class="sig-paren">(</span><em class="sig-param">**kwargs</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.data_out"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.data_out" title="Permalink to this definition"></a></dt>
<dd><p>Generic hook for sending data out through the protocol.</p>
<dl class="simple">
<dt>Kwargs:</dt><dd><p>kwargs (any): Other data to the protocol.</p>
</dd>
</dl>
</dd></dl>
<dl class="method">
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.mask">
<code class="sig-name descname">mask</code><span class="sig-paren">(</span><em class="sig-param">msg</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.mask"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.mask" title="Permalink to this definition"></a></dt>
<dd><p>Masks potentially sensitive user information within messages before
writing to log. Recording cleartext password attempts is bad policy.</p>
<dl class="field-list simple">
<dt class="field-odd">Parameters</dt>
<dd class="field-odd"><p><strong>msg</strong> (<em>str</em>) Raw text string sent from client &lt;-&gt; server</p>
</dd>
<dt class="field-even">Returns</dt>
<dd class="field-even"><p>Text string with sensitive information masked out.</p>
</dd>
<dt class="field-odd">Return type</dt>
<dd class="field-odd"><p>msg (str)</p>
</dd>
</dl>
</dd></dl>
</dd></dl>
</div>
<div class="section" id="module-evennia.contrib.security.auditing.tests">
<span id="evennia-contrib-security-auditing-tests-module"></span><h2>evennia.contrib.security.auditing.tests module<a class="headerlink" href="#module-evennia.contrib.security.auditing.tests" title="Permalink to this headline"></a></h2>
<p>Module containing the test cases for the Audit system.</p>
<dl class="class">
<dt id="evennia.contrib.security.auditing.tests.AuditingTest">
<em class="property">class </em><code class="sig-prename descclassname">evennia.contrib.security.auditing.tests.</code><code class="sig-name descname">AuditingTest</code><span class="sig-paren">(</span><em class="sig-param">methodName='runTest'</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/tests.html#AuditingTest"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.tests.AuditingTest" title="Permalink to this definition"></a></dt>
<dd><p>Bases: <a class="reference internal" href="evennia.utils.html#evennia.utils.test_resources.EvenniaTest" title="evennia.utils.test_resources.EvenniaTest"><code class="xref py py-class docutils literal notranslate"><span class="pre">evennia.utils.test_resources.EvenniaTest</span></code></a></p>
<dl class="method">
<dt id="evennia.contrib.security.auditing.tests.AuditingTest.test_audit">
<code class="sig-name descname">test_audit</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/tests.html#AuditingTest.test_audit"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.tests.AuditingTest.test_audit" title="Permalink to this definition"></a></dt>
<dd><p>Make sure the audit function is returning a dictionary based on values
parsed from the Session object.</p>
</dd></dl>
<dl class="method">
<dt id="evennia.contrib.security.auditing.tests.AuditingTest.test_mask">
<code class="sig-name descname">test_mask</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/tests.html#AuditingTest.test_mask"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.tests.AuditingTest.test_mask" title="Permalink to this definition"></a></dt>
<dd><p>Make sure the mask function is properly masking potentially sensitive
information from strings.</p>
</dd></dl>
</dd></dl>
</div>
</div>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<div id="searchbox" style="display: none" role="search">
<h3 id="searchlabel">Quick search</h3>
<div class="searchformwrapper">
<form class="search" action="../search.html" method="get">
<input type="text" name="q" aria-labelledby="searchlabel" />
<input type="submit" value="Go" />
</form>
</div>
</div>
<script>$('#searchbox').show(0);</script>
<p><h3><a href="../index.html">Table of Contents</a></h3>
<ul>
<li><a class="reference internal" href="#">evennia.contrib.security.auditing package</a><ul>
<li><a class="reference internal" href="#submodules">Submodules</a></li>
<li><a class="reference internal" href="#module-evennia.contrib.security.auditing.outputs">evennia.contrib.security.auditing.outputs module</a></li>
<li><a class="reference internal" href="#module-evennia.contrib.security.auditing.server">evennia.contrib.security.auditing.server module</a></li>
<li><a class="reference internal" href="#module-evennia.contrib.security.auditing.tests">evennia.contrib.security.auditing.tests module</a></li>
</ul>
</li>
</ul>
<div class="relations">
<h3>Related Topics</h3>
<ul>
<li><a href="../index.html">Documentation overview</a><ul>
</ul></li>
</ul>
</div>
<div role="note" aria-label="source link">
<!--h3>This Page</h3-->
<ul class="this-page-menu">
<li><a href="../_sources/api/evennia.contrib.security.auditing.rst.txt"
rel="nofollow">Show Page Source</a></li>
</ul>
</div>
<h3>Versions</h3>
<ul>
<li><a href="evennia.contrib.security.auditing.html">1.0-dev (develop branch)</a></li>
Updated HTML docs
2020-06-13 12:23:41 +02:00
<li><a href="../../0.9.1/api/evennia.contrib.security.auditing.html">0.9.1 (master branch)</a></li>
Updated HTML docs
2020-06-13 00:36:45 +02:00
</ul>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="footer">
&copy;2020, The Evennia developer community.
|
Powered by <a href="http://sphinx-doc.org/">Sphinx 2.4.4</a>
&amp; <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.12</a>
|
<a href="../_sources/api/evennia.contrib.security.auditing.rst.txt"
rel="nofollow">Page source</a>
</div>
</body>
</html>
Reference in a new issue Copy permalink