From 6f15ac255a93f2ed432408a2c981fc0c8fcdf4d2 Mon Sep 17 00:00:00 2001 From: swayne275 Date: Thu, 12 May 2022 11:28:00 -0600 Subject: [PATCH] add mount accessor to audit request and responses (#15342) * add mount accessor to audit request and responses * add changelog * cleanup todo --- audit/format.go | 37 +++++++++++++++++++++---------------- changelog/15342.txt | 3 +++ 2 files changed, 24 insertions(+), 16 deletions(-) create mode 100644 changelog/15342.txt diff --git a/audit/format.go b/audit/format.go index 417f5398f..585de1d69 100644 --- a/audit/format.go +++ b/audit/format.go @@ -115,6 +115,7 @@ func (f *AuditFormatter) FormatRequest(ctx context.Context, w io.Writer, config ClientTokenAccessor: req.ClientTokenAccessor, Operation: req.Operation, MountType: req.MountType, + MountAccessor: req.MountAccessor, Namespace: &AuditNamespace{ ID: ns.ID, Path: ns.Path, @@ -278,6 +279,7 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config ClientTokenAccessor: req.ClientTokenAccessor, Operation: req.Operation, MountType: req.MountType, + MountAccessor: req.MountAccessor, Namespace: &AuditNamespace{ ID: ns.ID, Path: ns.Path, @@ -293,14 +295,15 @@ func (f *AuditFormatter) FormatResponse(ctx context.Context, w io.Writer, config }, Response: &AuditResponse{ - MountType: req.MountType, - Auth: respAuth, - Secret: respSecret, - Data: resp.Data, - Warnings: resp.Warnings, - Redirect: resp.Redirect, - WrapInfo: respWrapInfo, - Headers: resp.Headers, + MountType: req.MountType, + MountAccessor: req.MountAccessor, + Auth: respAuth, + Secret: respSecret, + Data: resp.Data, + Warnings: resp.Warnings, + Redirect: resp.Redirect, + WrapInfo: respWrapInfo, + Headers: resp.Headers, }, } @@ -343,6 +346,7 @@ type AuditRequest struct { ReplicationCluster string `json:"replication_cluster,omitempty"` Operation logical.Operation `json:"operation,omitempty"` MountType string `json:"mount_type,omitempty"` + MountAccessor string `json:"mount_accessor,omitempty"` ClientToken string `json:"client_token,omitempty"` ClientTokenAccessor string `json:"client_token_accessor,omitempty"` Namespace *AuditNamespace `json:"namespace,omitempty"` @@ -357,14 +361,15 @@ type AuditRequest struct { } type AuditResponse struct { - Auth *AuditAuth `json:"auth,omitempty"` - MountType string `json:"mount_type,omitempty"` - Secret *AuditSecret `json:"secret,omitempty"` - Data map[string]interface{} `json:"data,omitempty"` - Warnings []string `json:"warnings,omitempty"` - Redirect string `json:"redirect,omitempty"` - WrapInfo *AuditResponseWrapInfo `json:"wrap_info,omitempty"` - Headers map[string][]string `json:"headers,omitempty"` + Auth *AuditAuth `json:"auth,omitempty"` + MountType string `json:"mount_type,omitempty"` + MountAccessor string `json:"mount_accessor,omitempty"` + Secret *AuditSecret `json:"secret,omitempty"` + Data map[string]interface{} `json:"data,omitempty"` + Warnings []string `json:"warnings,omitempty"` + Redirect string `json:"redirect,omitempty"` + WrapInfo *AuditResponseWrapInfo `json:"wrap_info,omitempty"` + Headers map[string][]string `json:"headers,omitempty"` } type AuditAuth struct { diff --git a/changelog/15342.txt b/changelog/15342.txt new file mode 100644 index 000000000..0b0d6c141 --- /dev/null +++ b/changelog/15342.txt @@ -0,0 +1,3 @@ +```release-note:improvement +audit: Include mount_accessor in audit request and response logs +``` \ No newline at end of file