From c612ae78d7e49e2c653fe961b33e57a4d09a2e71 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Wed, 19 Jan 2022 16:16:09 +0100 Subject: Allow write audit log to syslog and systemdlog Signed-off-by: Joas Schilling --- apps/admin_audit/lib/AppInfo/Application.php | 18 +++++++++++------- config/config.sample.php | 27 ++++++++++++++++++++++++++- 2 files changed, 37 insertions(+), 8 deletions(-) diff --git a/apps/admin_audit/lib/AppInfo/Application.php b/apps/admin_audit/lib/AppInfo/Application.php index 7b5fb520bc9..594e1c7f2c4 100644 --- a/apps/admin_audit/lib/AppInfo/Application.php +++ b/apps/admin_audit/lib/AppInfo/Application.php @@ -96,15 +96,19 @@ class Application extends App implements IBootstrap { } private function getLogger(IConfig $config, - LoggerInterface $logger, ILogFactory $logFactory): LoggerInterface { - $default = $config->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/audit.log'; - $logFile = $config->getAppValue('admin_audit', 'logfile', $default); - - if ($logFile === null) { - return $logger; + $auditType = $config->getSystemValueString('log_type_audit', 'file'); + $defaultTag = $config->getSystemValueString('syslog_tag', 'Nextcloud'); + $auditTag = $config->getSystemValueString('syslog_tag_audit', $defaultTag); + $logFile = $config->getSystemValueString('logfile_audit', ''); + + if ($auditType === 'file' && !$logFile) { + $default = $config->getSystemValue('datadirectory', \OC::$SERVERROOT . '/data') . '/audit.log'; + // Legacy way was appconfig, now it's paralleled with the normal log config + $logFile = $config->getAppValue('admin_audit', 'logfile', $default); } - return $logFactory->getCustomPsrLogger($logFile); + + return $logFactory->getCustomPsrLogger($logFile, $auditType, $auditTag); } /** diff --git a/config/config.sample.php b/config/config.sample.php index 05fdfd13d2a..432793c5787 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -837,6 +837,13 @@ $CONFIG = [ */ 'log_type' => 'file', +/** + * This parameter determines where the audit logs are sent. See ``log_type`` for more information. + * + * Defaults to ``file`` + */ +'log_type_audit' => 'file', + /** * Name of the file to which the Nextcloud logs are written if parameter * ``log_type`` is set to ``file``. @@ -846,7 +853,15 @@ $CONFIG = [ 'logfile' => '/var/log/nextcloud.log', /** - * Log file mode for the Nextcloud loggin type in octal notation. + * Name of the file to which the audit logs are written if parameter + * ``log_type`` is set to ``file``. + * + * Defaults to ``[datadirectory]/audit.log`` + */ +'logfile_audit' => '/var/log/audit.log', + +/** + * Log file mode for the Nextcloud logging type in octal notation. * * Defaults to 0640 (writeable by user, readable by group). */ @@ -870,6 +885,16 @@ $CONFIG = [ */ 'syslog_tag' => 'Nextcloud', +/** + * If you maintain different instances and aggregate the logs, you may want + * to distinguish between them. ``syslog_tag_audit`` can be set per instance + * with a unique id. Only available if ``log_type`` is set to ``syslog`` or + * ``systemd``. + * + * The default value is the value of ``syslog_tag``. + */ +'syslog_tag_audit' => 'Nextcloud', + /** * Log condition for log level increase based on conditions. Once one of these * conditions is met, the required log level is set to debug. This allows to -- cgit v1.2.3