evennia.contrib.security.auditing package¶
Submodules¶
evennia.contrib.security.auditing.outputs module¶
Auditable Server Sessions - Example Outputs Example methods demonstrating output destinations for logs generated by audited server sessions.
This is designed to be a single source of events for developers to customize and add any additional enhancements before events are written out– i.e. if you want to keep a running list of what IPs a user logs in from on account/character objects, or if you want to perform geoip or ASN lookups on IPs before committing, or tag certain events with the results of a reputational lookup, this should be the easiest place to do it. Write a method and invoke it via settings.AUDIT_CALLBACK to have log data objects passed to it.
Evennia contribution - Johnny 2017
-
evennia.contrib.security.auditing.outputs.to_file(data)[source]¶ Writes dictionaries of data generated by an AuditedServerSession to files in JSON format, bucketed by date.
Uses Evennia’s native logger and writes to the default log directory (~/yourgame/server/logs/ or settings.LOG_DIR)
- Parameters
data (dict) – Parsed session transmission data.
-
evennia.contrib.security.auditing.outputs.to_syslog(data)[source]¶ Writes dictionaries of data generated by an AuditedServerSession to syslog.
Takes advantage of your system’s native logger and writes to wherever you have it configured, which is independent of Evennia. Linux systems tend to write to /var/log/syslog.
If you’re running rsyslog, you can configure it to dump and/or forward logs to disk and/or an external data warehouse (recommended– if your server is compromised or taken down, losing your logs along with it is no help!).
- Parameters
data (dict) – Parsed session transmission data.
evennia.contrib.security.auditing.server module¶
Auditable Server Sessions: Extension of the stock ServerSession that yields objects representing user inputs and system outputs.
Evennia contribution - Johnny 2017
-
class
evennia.contrib.security.auditing.server.AuditedServerSession[source]¶ Bases:
evennia.server.serversession.ServerSessionThis particular implementation parses all server inputs and/or outputs and passes a dict containing the parsed metadata to a callback method of your creation. This is useful for recording player activity where necessary for security auditing, usage analysis or post-incident forensic discovery.
* WARNING * All strings are recorded and stored in plaintext. This includes those strings which might contain sensitive data (create, connect, @password). These commands have their arguments masked by default, but you must mask or mask any custom commands of your own that handle sensitive information.
See README.md for installation/configuration instructions.
-
audit(**kwargs)[source]¶ Extracts messages and system data from a Session object upon message send or receive.
- Kwargs:
src (str): Source of data; ‘client’ or ‘server’. Indicates direction. text (str or list): Client sends messages to server in the form of
lists. Server sends messages to client as string.
- Returns
- Dictionary object containing parsed system and user data
related to this message.
- Return type
log (dict)
-
data_in(**kwargs)[source]¶ Hook for protocols to send incoming data to the engine.
- Kwargs:
kwargs (any): Other data from the protocol.
-
data_out(**kwargs)[source]¶ Generic hook for sending data out through the protocol.
- Kwargs:
kwargs (any): Other data to the protocol.
-
mask(msg)[source]¶ Masks potentially sensitive user information within messages before writing to log. Recording cleartext password attempts is bad policy.
- Parameters
msg (str) – Raw text string sent from client <-> server
- Returns
Text string with sensitive information masked out.
- Return type
msg (str)
-
evennia.contrib.security.auditing.tests module¶
Module containing the test cases for the Audit system.
-
class
evennia.contrib.security.auditing.tests.AuditingTest(methodName='runTest')[source]¶