mirror of
https://github.com/evennia/evennia.git
synced 2026-04-01 13:37:17 +02:00
264 lines
16 KiB
HTML
264 lines
16 KiB
HTML
|
|
|||
|
|
<!DOCTYPE html>
|
|||
|
|
|
|||
|
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
|||
|
|
<head>
|
|||
|
|
<meta charset="utf-8" />
|
|||
|
|
<title>evennia.contrib.security.auditing package — Evennia 1.0-dev documentation</title>
|
|||
|
|
<link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
|
|||
|
|
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
|
|||
|
|
<script id="documentation_options" data-url_root="../" src="../_static/documentation_options.js"></script>
|
|||
|
|
<script src="../_static/jquery.js"></script>
|
|||
|
|
<script src="../_static/underscore.js"></script>
|
|||
|
|
<script src="../_static/doctools.js"></script>
|
|||
|
|
<script src="../_static/language_data.js"></script>
|
|||
|
|
<link rel="index" title="Index" href="../genindex.html" />
|
|||
|
|
<link rel="search" title="Search" href="../search.html" />
|
|||
|
|
|
|||
|
|
<link rel="stylesheet" href="../_static/custom.css" type="text/css" />
|
|||
|
|
|
|||
|
|
|
|||
|
|
<meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
|
|||
|
|
|
|||
|
|
</head><body>
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="document">
|
|||
|
|
<div class="documentwrapper">
|
|||
|
|
<div class="bodywrapper">
|
|||
|
|
|
|||
|
|
|
|||
|
|
<div class="body" role="main">
|
|||
|
|
|
|||
|
|
<div class="section" id="module-evennia.contrib.security.auditing">
|
|||
|
|
<span id="evennia-contrib-security-auditing-package"></span><h1>evennia.contrib.security.auditing package<a class="headerlink" href="#module-evennia.contrib.security.auditing" title="Permalink to this headline">¶</a></h1>
|
|||
|
|
<div class="section" id="submodules">
|
|||
|
|
<h2>Submodules<a class="headerlink" href="#submodules" title="Permalink to this headline">¶</a></h2>
|
|||
|
|
</div>
|
|||
|
|
<div class="section" id="module-evennia.contrib.security.auditing.outputs">
|
|||
|
|
<span id="evennia-contrib-security-auditing-outputs-module"></span><h2>evennia.contrib.security.auditing.outputs module<a class="headerlink" href="#module-evennia.contrib.security.auditing.outputs" title="Permalink to this headline">¶</a></h2>
|
|||
|
|
<p>Auditable Server Sessions - Example Outputs
|
|||
|
|
Example methods demonstrating output destinations for logs generated by
|
|||
|
|
audited server sessions.</p>
|
|||
|
|
<p>This is designed to be a single source of events for developers to customize
|
|||
|
|
and add any additional enhancements before events are written out– i.e. if you
|
|||
|
|
want to keep a running list of what IPs a user logs in from on account/character
|
|||
|
|
objects, or if you want to perform geoip or ASN lookups on IPs before committing,
|
|||
|
|
or tag certain events with the results of a reputational lookup, this should be
|
|||
|
|
the easiest place to do it. Write a method and invoke it via
|
|||
|
|
<cite>settings.AUDIT_CALLBACK</cite> to have log data objects passed to it.</p>
|
|||
|
|
<p>Evennia contribution - Johnny 2017</p>
|
|||
|
|
<dl class="function">
|
|||
|
|
<dt id="evennia.contrib.security.auditing.outputs.to_file">
|
|||
|
|
<code class="sig-prename descclassname">evennia.contrib.security.auditing.outputs.</code><code class="sig-name descname">to_file</code><span class="sig-paren">(</span><em class="sig-param">data</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/outputs.html#to_file"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.outputs.to_file" title="Permalink to this definition">¶</a></dt>
|
|||
|
|
<dd><p>Writes dictionaries of data generated by an AuditedServerSession to files
|
|||
|
|
in JSON format, bucketed by date.</p>
|
|||
|
|
<p>Uses Evennia’s native logger and writes to the default
|
|||
|
|
log directory (~/yourgame/server/logs/ or settings.LOG_DIR)</p>
|
|||
|
|
<dl class="field-list simple">
|
|||
|
|
<dt class="field-odd">Parameters</dt>
|
|||
|
|
<dd class="field-odd"><p><strong>data</strong> (<em>dict</em>) – Parsed session transmission data.</p>
|
|||
|
|
</dd>
|
|||
|
|
</dl>
|
|||
|
|
</dd></dl>
|
|||
|
|
|
|||
|
|
<dl class="function">
|
|||
|
|
<dt id="evennia.contrib.security.auditing.outputs.to_syslog">
|
|||
|
|
<code class="sig-prename descclassname">evennia.contrib.security.auditing.outputs.</code><code class="sig-name descname">to_syslog</code><span class="sig-paren">(</span><em class="sig-param">data</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/outputs.html#to_syslog"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.outputs.to_syslog" title="Permalink to this definition">¶</a></dt>
|
|||
|
|
<dd><p>Writes dictionaries of data generated by an AuditedServerSession to syslog.</p>
|
|||
|
|
<p>Takes advantage of your system’s native logger and writes to wherever
|
|||
|
|
you have it configured, which is independent of Evennia.
|
|||
|
|
Linux systems tend to write to /var/log/syslog.</p>
|
|||
|
|
<p>If you’re running rsyslog, you can configure it to dump and/or forward logs
|
|||
|
|
to disk and/or an external data warehouse (recommended– if your server is
|
|||
|
|
compromised or taken down, losing your logs along with it is no help!).</p>
|
|||
|
|
<dl class="field-list simple">
|
|||
|
|
<dt class="field-odd">Parameters</dt>
|
|||
|
|
<dd class="field-odd"><p><strong>data</strong> (<em>dict</em>) – Parsed session transmission data.</p>
|
|||
|
|
</dd>
|
|||
|
|
</dl>
|
|||
|
|
</dd></dl>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
<div class="section" id="module-evennia.contrib.security.auditing.server">
|
|||
|
|
<span id="evennia-contrib-security-auditing-server-module"></span><h2>evennia.contrib.security.auditing.server module<a class="headerlink" href="#module-evennia.contrib.security.auditing.server" title="Permalink to this headline">¶</a></h2>
|
|||
|
|
<p>Auditable Server Sessions:
|
|||
|
|
Extension of the stock ServerSession that yields objects representing
|
|||
|
|
user inputs and system outputs.</p>
|
|||
|
|
<p>Evennia contribution - Johnny 2017</p>
|
|||
|
|
<dl class="class">
|
|||
|
|
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession">
|
|||
|
|
<em class="property">class </em><code class="sig-prename descclassname">evennia.contrib.security.auditing.server.</code><code class="sig-name descname">AuditedServerSession</code><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession" title="Permalink to this definition">¶</a></dt>
|
|||
|
|
<dd><p>Bases: <a class="reference internal" href="evennia.server.html#evennia.server.serversession.ServerSession" title="evennia.server.serversession.ServerSession"><code class="xref py py-class docutils literal notranslate"><span class="pre">evennia.server.serversession.ServerSession</span></code></a></p>
|
|||
|
|
<p>This particular implementation parses all server inputs and/or outputs and
|
|||
|
|
passes a dict containing the parsed metadata to a callback method of your
|
|||
|
|
creation. This is useful for recording player activity where necessary for
|
|||
|
|
security auditing, usage analysis or post-incident forensic discovery.</p>
|
|||
|
|
<p><strong>* WARNING *</strong>
|
|||
|
|
All strings are recorded and stored in plaintext. This includes those strings
|
|||
|
|
which might contain sensitive data (create, connect, @password). These commands
|
|||
|
|
have their arguments masked by default, but you must mask or mask any
|
|||
|
|
custom commands of your own that handle sensitive information.</p>
|
|||
|
|
<p>See README.md for installation/configuration instructions.</p>
|
|||
|
|
<dl class="method">
|
|||
|
|
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.audit">
|
|||
|
|
<code class="sig-name descname">audit</code><span class="sig-paren">(</span><em class="sig-param">**kwargs</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.audit"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.audit" title="Permalink to this definition">¶</a></dt>
|
|||
|
|
<dd><p>Extracts messages and system data from a Session object upon message
|
|||
|
|
send or receive.</p>
|
|||
|
|
<dl>
|
|||
|
|
<dt>Kwargs:</dt><dd><p>src (str): Source of data; ‘client’ or ‘server’. Indicates direction.
|
|||
|
|
text (str or list): Client sends messages to server in the form of</p>
|
|||
|
|
<blockquote>
|
|||
|
|
<div><p>lists. Server sends messages to client as string.</p>
|
|||
|
|
</div></blockquote>
|
|||
|
|
</dd>
|
|||
|
|
</dl>
|
|||
|
|
<dl class="field-list simple">
|
|||
|
|
<dt class="field-odd">Returns</dt>
|
|||
|
|
<dd class="field-odd"><p><dl class="simple">
|
|||
|
|
<dt>Dictionary object containing parsed system and user data</dt><dd><p>related to this message.</p>
|
|||
|
|
</dd>
|
|||
|
|
</dl>
|
|||
|
|
</p>
|
|||
|
|
</dd>
|
|||
|
|
<dt class="field-even">Return type</dt>
|
|||
|
|
<dd class="field-even"><p>log (dict)</p>
|
|||
|
|
</dd>
|
|||
|
|
</dl>
|
|||
|
|
</dd></dl>
|
|||
|
|
|
|||
|
|
<dl class="method">
|
|||
|
|
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.data_in">
|
|||
|
|
<code class="sig-name descname">data_in</code><span class="sig-paren">(</span><em class="sig-param">**kwargs</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.data_in"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.data_in" title="Permalink to this definition">¶</a></dt>
|
|||
|
|
<dd><p>Hook for protocols to send incoming data to the engine.</p>
|
|||
|
|
<dl class="simple">
|
|||
|
|
<dt>Kwargs:</dt><dd><p>kwargs (any): Other data from the protocol.</p>
|
|||
|
|
</dd>
|
|||
|
|
</dl>
|
|||
|
|
</dd></dl>
|
|||
|
|
|
|||
|
|
<dl class="method">
|
|||
|
|
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.data_out">
|
|||
|
|
<code class="sig-name descname">data_out</code><span class="sig-paren">(</span><em class="sig-param">**kwargs</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.data_out"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.data_out" title="Permalink to this definition">¶</a></dt>
|
|||
|
|
<dd><p>Generic hook for sending data out through the protocol.</p>
|
|||
|
|
<dl class="simple">
|
|||
|
|
<dt>Kwargs:</dt><dd><p>kwargs (any): Other data to the protocol.</p>
|
|||
|
|
</dd>
|
|||
|
|
</dl>
|
|||
|
|
</dd></dl>
|
|||
|
|
|
|||
|
|
<dl class="method">
|
|||
|
|
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.mask">
|
|||
|
|
<code class="sig-name descname">mask</code><span class="sig-paren">(</span><em class="sig-param">msg</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.mask"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.mask" title="Permalink to this definition">¶</a></dt>
|
|||
|
|
<dd><p>Masks potentially sensitive user information within messages before
|
|||
|
|
writing to log. Recording cleartext password attempts is bad policy.</p>
|
|||
|
|
<dl class="field-list simple">
|
|||
|
|
<dt class="field-odd">Parameters</dt>
|
|||
|
|
<dd class="field-odd"><p><strong>msg</strong> (<em>str</em>) – Raw text string sent from client <-> server</p>
|
|||
|
|
</dd>
|
|||
|
|
<dt class="field-even">Returns</dt>
|
|||
|
|
<dd class="field-even"><p>Text string with sensitive information masked out.</p>
|
|||
|
|
</dd>
|
|||
|
|
<dt class="field-odd">Return type</dt>
|
|||
|
|
<dd class="field-odd"><p>msg (str)</p>
|
|||
|
|
</dd>
|
|||
|
|
</dl>
|
|||
|
|
</dd></dl>
|
|||
|
|
|
|||
|
|
</dd></dl>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
<div class="section" id="module-evennia.contrib.security.auditing.tests">
|
|||
|
|
<span id="evennia-contrib-security-auditing-tests-module"></span><h2>evennia.contrib.security.auditing.tests module<a class="headerlink" href="#module-evennia.contrib.security.auditing.tests" title="Permalink to this headline">¶</a></h2>
|
|||
|
|
<p>Module containing the test cases for the Audit system.</p>
|
|||
|
|
<dl class="class">
|
|||
|
|
<dt id="evennia.contrib.security.auditing.tests.AuditingTest">
|
|||
|
|
<em class="property">class </em><code class="sig-prename descclassname">evennia.contrib.security.auditing.tests.</code><code class="sig-name descname">AuditingTest</code><span class="sig-paren">(</span><em class="sig-param">methodName='runTest'</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/tests.html#AuditingTest"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.tests.AuditingTest" title="Permalink to this definition">¶</a></dt>
|
|||
|
|
<dd><p>Bases: <a class="reference internal" href="evennia.utils.html#evennia.utils.test_resources.EvenniaTest" title="evennia.utils.test_resources.EvenniaTest"><code class="xref py py-class docutils literal notranslate"><span class="pre">evennia.utils.test_resources.EvenniaTest</span></code></a></p>
|
|||
|
|
<dl class="method">
|
|||
|
|
<dt id="evennia.contrib.security.auditing.tests.AuditingTest.test_audit">
|
|||
|
|
<code class="sig-name descname">test_audit</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/tests.html#AuditingTest.test_audit"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.tests.AuditingTest.test_audit" title="Permalink to this definition">¶</a></dt>
|
|||
|
|
<dd><p>Make sure the ‘audit’ function is returning a dictionary based on values
|
|||
|
|
parsed from the Session object.</p>
|
|||
|
|
</dd></dl>
|
|||
|
|
|
|||
|
|
<dl class="method">
|
|||
|
|
<dt id="evennia.contrib.security.auditing.tests.AuditingTest.test_mask">
|
|||
|
|
<code class="sig-name descname">test_mask</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/tests.html#AuditingTest.test_mask"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.tests.AuditingTest.test_mask" title="Permalink to this definition">¶</a></dt>
|
|||
|
|
<dd><p>Make sure the ‘mask’ function is properly masking potentially sensitive
|
|||
|
|
information from strings.</p>
|
|||
|
|
</dd></dl>
|
|||
|
|
|
|||
|
|
</dd></dl>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
|
|||
|
|
<div class="sphinxsidebarwrapper">
|
|||
|
|
<div id="searchbox" style="display: none" role="search">
|
|||
|
|
<h3 id="searchlabel">Quick search</h3>
|
|||
|
|
<div class="searchformwrapper">
|
|||
|
|
<form class="search" action="../search.html" method="get">
|
|||
|
|
<input type="text" name="q" aria-labelledby="searchlabel" />
|
|||
|
|
<input type="submit" value="Go" />
|
|||
|
|
</form>
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<script>$('#searchbox').show(0);</script>
|
|||
|
|
<p><h3><a href="../index.html">Table of Contents</a></h3>
|
|||
|
|
<ul>
|
|||
|
|
<li><a class="reference internal" href="#">evennia.contrib.security.auditing package</a><ul>
|
|||
|
|
<li><a class="reference internal" href="#submodules">Submodules</a></li>
|
|||
|
|
<li><a class="reference internal" href="#module-evennia.contrib.security.auditing.outputs">evennia.contrib.security.auditing.outputs module</a></li>
|
|||
|
|
<li><a class="reference internal" href="#module-evennia.contrib.security.auditing.server">evennia.contrib.security.auditing.server module</a></li>
|
|||
|
|
<li><a class="reference internal" href="#module-evennia.contrib.security.auditing.tests">evennia.contrib.security.auditing.tests module</a></li>
|
|||
|
|
</ul>
|
|||
|
|
</li>
|
|||
|
|
</ul>
|
|||
|
|
<div class="relations">
|
|||
|
|
<h3>Related Topics</h3>
|
|||
|
|
<ul>
|
|||
|
|
<li><a href="../index.html">Documentation overview</a><ul>
|
|||
|
|
</ul></li>
|
|||
|
|
</ul>
|
|||
|
|
</div>
|
|||
|
|
<div role="note" aria-label="source link">
|
|||
|
|
<!--h3>This Page</h3-->
|
|||
|
|
<ul class="this-page-menu">
|
|||
|
|
<li><a href="../_sources/api/evennia.contrib.security.auditing.rst.txt"
|
|||
|
|
rel="nofollow">Show Page Source</a></li>
|
|||
|
|
</ul>
|
|||
|
|
</div>
|
|||
|
|
<h3>Versions</h3>
|
|||
|
|
<ul>
|
|||
|
|
<li><a href="evennia.contrib.security.auditing.html">1.0-dev (develop branch)</a></li>
|
|||
|
|
<li><a href="../../../versions/0.9.1/api/evennia.contrib.security.auditing.html">0.9.1 (master branch)</a></li>
|
|||
|
|
</ul>
|
|||
|
|
|
|||
|
|
</div>
|
|||
|
|
</div>
|
|||
|
|
<div class="clearer"></div>
|
|||
|
|
</div>
|
|||
|
|
<div class="footer">
|
|||
|
|
©2020, The Evennia developer community.
|
|||
|
|
|
|||
|
|
|
|
|||
|
|
Powered by <a href="http://sphinx-doc.org/">Sphinx 2.4.4</a>
|
|||
|
|
& <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.12</a>
|
|||
|
|
|
|||
|
|
|
|
|||
|
|
<a href="../_sources/api/evennia.contrib.security.auditing.rst.txt"
|
|||
|
|
rel="nofollow">Page source</a>
|
|||
|
|
</div>
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
|
|||
|
|
</body>
|
|||
|
|
</html>
|