Allow storing audits into a separate file
Define a separate file for storing audit records, based on a logName
configuration setting in gerrit.audit-sl4j section.
Example:
[plugins "audit-sl4j"]
logName = audit_log
Change-Id: Id36e81764e07a02451bcdc3d4d5c89f6444a6532
diff --git a/src/main/java/com/googlesource/gerrit/plugins/auditsl4j/AuditConfig.java b/src/main/java/com/googlesource/gerrit/plugins/auditsl4j/AuditConfig.java
index ce7a09a..291c1f3 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/auditsl4j/AuditConfig.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/auditsl4j/AuditConfig.java
@@ -18,6 +18,7 @@
import com.google.gerrit.server.config.PluginConfig;
import com.google.gerrit.server.config.PluginConfigFactory;
import com.google.inject.Inject;
+import java.util.Optional;
public class AuditConfig {
private final PluginConfig config;
@@ -30,4 +31,8 @@
public AuditFormatTypes getFormat() {
return config.getEnum("format", AuditFormatTypes.CSV);
}
+
+ public Optional<String> getLogName() {
+ return Optional.ofNullable(config.getString("logName"));
+ }
}
diff --git a/src/main/java/com/googlesource/gerrit/plugins/auditsl4j/AuditWriterToAsyncAppender.java b/src/main/java/com/googlesource/gerrit/plugins/auditsl4j/AuditWriterToAsyncAppender.java
new file mode 100644
index 0000000..448b4c3
--- /dev/null
+++ b/src/main/java/com/googlesource/gerrit/plugins/auditsl4j/AuditWriterToAsyncAppender.java
@@ -0,0 +1,55 @@
+// Copyright (C) 2018 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.googlesource.gerrit.plugins.auditsl4j;
+
+import com.google.gerrit.common.TimeUtil;
+import com.google.gerrit.server.util.SystemLog;
+import com.google.inject.Singleton;
+import org.apache.log4j.AsyncAppender;
+import org.apache.log4j.Level;
+import org.apache.log4j.Logger;
+import org.apache.log4j.PatternLayout;
+import org.apache.log4j.spi.LoggingEvent;
+
+@Singleton
+public class AuditWriterToAsyncAppender implements AuditWriter {
+ private final Logger log = Logger.getLogger(LoggerAudit.AUDIT_LOGGER_NAME);
+ private final AsyncAppender appender;
+
+ public AuditWriterToAsyncAppender(AuditConfig config, SystemLog systemLog) {
+ String logName = config.getLogName().get();
+ appender = systemLog.createAsyncAppender(logName, new PatternLayout());
+ }
+
+ @Override
+ public void write(String auditBody) {
+ appender.append(newLoggingEvent(auditBody));
+ }
+
+ private LoggingEvent newLoggingEvent(String auditBody) {
+ return new LoggingEvent( //
+ LoggerAudit.AUDIT_LOGGER_NAME,
+ log, // logger
+ TimeUtil.nowMs(), // when
+ Level.INFO, // level
+ auditBody, // message text
+ "HTTPD", // thread name
+ null, // exception information
+ null, // current NDC string
+ null, // caller location
+ null // MDC properties
+ );
+ }
+}
diff --git a/src/main/java/com/googlesource/gerrit/plugins/auditsl4j/Module.java b/src/main/java/com/googlesource/gerrit/plugins/auditsl4j/Module.java
index 664ce4d..6ebe298 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/auditsl4j/Module.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/auditsl4j/Module.java
@@ -42,5 +42,9 @@
default:
throw new IllegalArgumentException("Unsupported renderer '" + rendererType + "'");
}
+
+ if (config.getLogName().isPresent()) {
+ bind(AuditWriter.class).to(AuditWriterToAsyncAppender.class);
+ }
}
}
diff --git a/src/main/resources/Documentation/config.md b/src/main/resources/Documentation/config.md
index 3ec4085..a18a878 100644
--- a/src/main/resources/Documentation/config.md
+++ b/src/main/resources/Documentation/config.md
@@ -9,4 +9,8 @@
gerrit.audit-sl4j.format
: Output format of the audit record. Can be set to either JSON
- or CSV. By default, CSV.
\ No newline at end of file
+ or CSV. By default, CSV.
+
+gerrit.audit-sl4j.logName
+: Write audit to a separate log name under Gerrit logs directory.
+ By default, audit records are put into the error_log.
\ No newline at end of file
