Andreas/evennia
1
0
Fork 0
mirror of https://github.com/evennia/evennia.git synced 2026-03-21 15:26:30 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
evennia/docs/versions/1.0-dev/api/evennia.contrib.security.auditing.html
Griatch ef0e7c8aec Updated HTML docs
2020-06-13 00:15:39 +02:00

264 lines
No EOL
16 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title>evennia.contrib.security.auditing package &#8212; Evennia 1.0-dev documentation</title>
<link rel="stylesheet" href="../_static/alabaster.css" type="text/css" />
<link rel="stylesheet" href="../_static/pygments.css" type="text/css" />
<script id="documentation_options" data-url_root="../" src="../_static/documentation_options.js"></script>
<script src="../_static/jquery.js"></script>
<script src="../_static/underscore.js"></script>
<script src="../_static/doctools.js"></script>
<script src="../_static/language_data.js"></script>
<link rel="index" title="Index" href="../genindex.html" />
<link rel="search" title="Search" href="../search.html" />
<link rel="stylesheet" href="../_static/custom.css" type="text/css" />
<meta name="viewport" content="width=device-width, initial-scale=0.9, maximum-scale=0.9" />
</head><body>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body" role="main">
<div class="section" id="module-evennia.contrib.security.auditing">
<span id="evennia-contrib-security-auditing-package"></span><h1>evennia.contrib.security.auditing package<a class="headerlink" href="#module-evennia.contrib.security.auditing" title="Permalink to this headline"></a></h1>
<div class="section" id="submodules">
<h2>Submodules<a class="headerlink" href="#submodules" title="Permalink to this headline"></a></h2>
</div>
<div class="section" id="module-evennia.contrib.security.auditing.outputs">
<span id="evennia-contrib-security-auditing-outputs-module"></span><h2>evennia.contrib.security.auditing.outputs module<a class="headerlink" href="#module-evennia.contrib.security.auditing.outputs" title="Permalink to this headline"></a></h2>
<p>Auditable Server Sessions - Example Outputs
Example methods demonstrating output destinations for logs generated by
audited server sessions.</p>
<p>This is designed to be a single source of events for developers to customize
and add any additional enhancements before events are written out i.e. if you
want to keep a running list of what IPs a user logs in from on account/character
objects, or if you want to perform geoip or ASN lookups on IPs before committing,
or tag certain events with the results of a reputational lookup, this should be
the easiest place to do it. Write a method and invoke it via
<cite>settings.AUDIT_CALLBACK</cite> to have log data objects passed to it.</p>
<p>Evennia contribution - Johnny 2017</p>
<dl class="function">
<dt id="evennia.contrib.security.auditing.outputs.to_file">
<code class="sig-prename descclassname">evennia.contrib.security.auditing.outputs.</code><code class="sig-name descname">to_file</code><span class="sig-paren">(</span><em class="sig-param">data</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/outputs.html#to_file"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.outputs.to_file" title="Permalink to this definition"></a></dt>
<dd><p>Writes dictionaries of data generated by an AuditedServerSession to files
in JSON format, bucketed by date.</p>
<p>Uses Evennias native logger and writes to the default
log directory (~/yourgame/server/logs/ or settings.LOG_DIR)</p>
<dl class="field-list simple">
<dt class="field-odd">Parameters</dt>
<dd class="field-odd"><p><strong>data</strong> (<em>dict</em>) Parsed session transmission data.</p>
</dd>
</dl>
</dd></dl>
<dl class="function">
<dt id="evennia.contrib.security.auditing.outputs.to_syslog">
<code class="sig-prename descclassname">evennia.contrib.security.auditing.outputs.</code><code class="sig-name descname">to_syslog</code><span class="sig-paren">(</span><em class="sig-param">data</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/outputs.html#to_syslog"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.outputs.to_syslog" title="Permalink to this definition"></a></dt>
<dd><p>Writes dictionaries of data generated by an AuditedServerSession to syslog.</p>
<p>Takes advantage of your systems native logger and writes to wherever
you have it configured, which is independent of Evennia.
Linux systems tend to write to /var/log/syslog.</p>
<p>If youre running rsyslog, you can configure it to dump and/or forward logs
to disk and/or an external data warehouse (recommended if your server is
compromised or taken down, losing your logs along with it is no help!).</p>
<dl class="field-list simple">
<dt class="field-odd">Parameters</dt>
<dd class="field-odd"><p><strong>data</strong> (<em>dict</em>) Parsed session transmission data.</p>
</dd>
</dl>
</dd></dl>
</div>
<div class="section" id="module-evennia.contrib.security.auditing.server">
<span id="evennia-contrib-security-auditing-server-module"></span><h2>evennia.contrib.security.auditing.server module<a class="headerlink" href="#module-evennia.contrib.security.auditing.server" title="Permalink to this headline"></a></h2>
<p>Auditable Server Sessions:
Extension of the stock ServerSession that yields objects representing
user inputs and system outputs.</p>
<p>Evennia contribution - Johnny 2017</p>
<dl class="class">
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession">
<em class="property">class </em><code class="sig-prename descclassname">evennia.contrib.security.auditing.server.</code><code class="sig-name descname">AuditedServerSession</code><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession" title="Permalink to this definition"></a></dt>
<dd><p>Bases: <a class="reference internal" href="evennia.server.html#evennia.server.serversession.ServerSession" title="evennia.server.serversession.ServerSession"><code class="xref py py-class docutils literal notranslate"><span class="pre">evennia.server.serversession.ServerSession</span></code></a></p>
<p>This particular implementation parses all server inputs and/or outputs and
passes a dict containing the parsed metadata to a callback method of your
creation. This is useful for recording player activity where necessary for
security auditing, usage analysis or post-incident forensic discovery.</p>
<p><strong>* WARNING *</strong>
All strings are recorded and stored in plaintext. This includes those strings
which might contain sensitive data (create, connect, &#64;password). These commands
have their arguments masked by default, but you must mask or mask any
custom commands of your own that handle sensitive information.</p>
<p>See README.md for installation/configuration instructions.</p>
<dl class="method">
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.audit">
<code class="sig-name descname">audit</code><span class="sig-paren">(</span><em class="sig-param">**kwargs</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.audit"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.audit" title="Permalink to this definition"></a></dt>
<dd><p>Extracts messages and system data from a Session object upon message
send or receive.</p>
<dl>
<dt>Kwargs:</dt><dd><p>src (str): Source of data; client or server. Indicates direction.
text (str or list): Client sends messages to server in the form of</p>
<blockquote>
<div><p>lists. Server sends messages to client as string.</p>
</div></blockquote>
</dd>
</dl>
<dl class="field-list simple">
<dt class="field-odd">Returns</dt>
<dd class="field-odd"><p><dl class="simple">
<dt>Dictionary object containing parsed system and user data</dt><dd><p>related to this message.</p>
</dd>
</dl>
</p>
</dd>
<dt class="field-even">Return type</dt>
<dd class="field-even"><p>log (dict)</p>
</dd>
</dl>
</dd></dl>
<dl class="method">
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.data_in">
<code class="sig-name descname">data_in</code><span class="sig-paren">(</span><em class="sig-param">**kwargs</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.data_in"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.data_in" title="Permalink to this definition"></a></dt>
<dd><p>Hook for protocols to send incoming data to the engine.</p>
<dl class="simple">
<dt>Kwargs:</dt><dd><p>kwargs (any): Other data from the protocol.</p>
</dd>
</dl>
</dd></dl>
<dl class="method">
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.data_out">
<code class="sig-name descname">data_out</code><span class="sig-paren">(</span><em class="sig-param">**kwargs</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.data_out"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.data_out" title="Permalink to this definition"></a></dt>
<dd><p>Generic hook for sending data out through the protocol.</p>
<dl class="simple">
<dt>Kwargs:</dt><dd><p>kwargs (any): Other data to the protocol.</p>
</dd>
</dl>
</dd></dl>
<dl class="method">
<dt id="evennia.contrib.security.auditing.server.AuditedServerSession.mask">
<code class="sig-name descname">mask</code><span class="sig-paren">(</span><em class="sig-param">msg</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/server.html#AuditedServerSession.mask"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.server.AuditedServerSession.mask" title="Permalink to this definition"></a></dt>
<dd><p>Masks potentially sensitive user information within messages before
writing to log. Recording cleartext password attempts is bad policy.</p>
<dl class="field-list simple">
<dt class="field-odd">Parameters</dt>
<dd class="field-odd"><p><strong>msg</strong> (<em>str</em>) Raw text string sent from client &lt;-&gt; server</p>
</dd>
<dt class="field-even">Returns</dt>
<dd class="field-even"><p>Text string with sensitive information masked out.</p>
</dd>
<dt class="field-odd">Return type</dt>
<dd class="field-odd"><p>msg (str)</p>
</dd>
</dl>
</dd></dl>
</dd></dl>
</div>
<div class="section" id="module-evennia.contrib.security.auditing.tests">
<span id="evennia-contrib-security-auditing-tests-module"></span><h2>evennia.contrib.security.auditing.tests module<a class="headerlink" href="#module-evennia.contrib.security.auditing.tests" title="Permalink to this headline"></a></h2>
<p>Module containing the test cases for the Audit system.</p>
<dl class="class">
<dt id="evennia.contrib.security.auditing.tests.AuditingTest">
<em class="property">class </em><code class="sig-prename descclassname">evennia.contrib.security.auditing.tests.</code><code class="sig-name descname">AuditingTest</code><span class="sig-paren">(</span><em class="sig-param">methodName='runTest'</em><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/tests.html#AuditingTest"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.tests.AuditingTest" title="Permalink to this definition"></a></dt>
<dd><p>Bases: <a class="reference internal" href="evennia.utils.html#evennia.utils.test_resources.EvenniaTest" title="evennia.utils.test_resources.EvenniaTest"><code class="xref py py-class docutils literal notranslate"><span class="pre">evennia.utils.test_resources.EvenniaTest</span></code></a></p>
<dl class="method">
<dt id="evennia.contrib.security.auditing.tests.AuditingTest.test_audit">
<code class="sig-name descname">test_audit</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/tests.html#AuditingTest.test_audit"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.tests.AuditingTest.test_audit" title="Permalink to this definition"></a></dt>
<dd><p>Make sure the audit function is returning a dictionary based on values
parsed from the Session object.</p>
</dd></dl>
<dl class="method">
<dt id="evennia.contrib.security.auditing.tests.AuditingTest.test_mask">
<code class="sig-name descname">test_mask</code><span class="sig-paren">(</span><span class="sig-paren">)</span><a class="reference internal" href="../_modules/evennia/contrib/security/auditing/tests.html#AuditingTest.test_mask"><span class="viewcode-link">[source]</span></a><a class="headerlink" href="#evennia.contrib.security.auditing.tests.AuditingTest.test_mask" title="Permalink to this definition"></a></dt>
<dd><p>Make sure the mask function is properly masking potentially sensitive
information from strings.</p>
</dd></dl>
</dd></dl>
</div>
</div>
</div>
</div>
</div>
<div class="sphinxsidebar" role="navigation" aria-label="main navigation">
<div class="sphinxsidebarwrapper">
<div id="searchbox" style="display: none" role="search">
<h3 id="searchlabel">Quick search</h3>
<div class="searchformwrapper">
<form class="search" action="../search.html" method="get">
<input type="text" name="q" aria-labelledby="searchlabel" />
<input type="submit" value="Go" />
</form>
</div>
</div>
<script>$('#searchbox').show(0);</script>
<p><h3><a href="../index.html">Table of Contents</a></h3>
<ul>
<li><a class="reference internal" href="#">evennia.contrib.security.auditing package</a><ul>
<li><a class="reference internal" href="#submodules">Submodules</a></li>
<li><a class="reference internal" href="#module-evennia.contrib.security.auditing.outputs">evennia.contrib.security.auditing.outputs module</a></li>
<li><a class="reference internal" href="#module-evennia.contrib.security.auditing.server">evennia.contrib.security.auditing.server module</a></li>
<li><a class="reference internal" href="#module-evennia.contrib.security.auditing.tests">evennia.contrib.security.auditing.tests module</a></li>
</ul>
</li>
</ul>
<div class="relations">
<h3>Related Topics</h3>
<ul>
<li><a href="../index.html">Documentation overview</a><ul>
</ul></li>
</ul>
</div>
<div role="note" aria-label="source link">
<!--h3>This Page</h3-->
<ul class="this-page-menu">
<li><a href="../_sources/api/evennia.contrib.security.auditing.rst.txt"
rel="nofollow">Show Page Source</a></li>
</ul>
</div>
<h3>Versions</h3>
<ul>
<li><a href="evennia.contrib.security.auditing.html">1.0-dev (develop branch)</a></li>
<li><a href="../../../versions/0.9.1/api/evennia.contrib.security.auditing.html">0.9.1 (master branch)</a></li>
</ul>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="footer">
&copy;2020, The Evennia developer community.
|
Powered by <a href="http://sphinx-doc.org/">Sphinx 2.4.4</a>
&amp; <a href="https://github.com/bitprophet/alabaster">Alabaster 0.7.12</a>
|
<a href="../_sources/api/evennia.contrib.security.auditing.rst.txt"
rel="nofollow">Page source</a>
</div>
</body>
</html>
Reference in a new issue View git blame Copy permalink