soar_auditing_provider 1.1.1 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. checksums.yaml +4 -4
  2. data/lib/soar_auditing_provider/auditing_provider.rb +33 -7
  3. data/lib/soar_auditing_provider/auditing_worker.rb +16 -10
  4. data/lib/soar_auditing_provider/version.rb +1 -1
  5. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 533e50f96d003eaf80b09fa70ec1154c7c28478f
4
- data.tar.gz: 69cac5833f72d7f332f364cad8799ff091293e30
3
+ metadata.gz: 1b51be1b463900ba2715d257a51f3a0cdfa8c460
4
+ data.tar.gz: 3ef84c3086184040563844bf10e36c548fb97886
5
5
  SHA512:
6
- metadata.gz: d7d3045035d9b59331a9d34a19ca88f52628f25dcd0bca2ea983ce2bd86562241576975040be9558072915a6a8fd4a529384cd344bd388e0f6930725a9e3116e
7
- data.tar.gz: 614ffb3a1b13cb9e884ca84293ceabe88037dec32bfe56aa2d9c741b02d00e5c88c8ca2b97f8ab8ed49c481f7ec3551a6a398d2a289542e9bc68f31c877dac6a
6
+ metadata.gz: 57cea7784dab0e044ccefb314bef4579b06dddd823a8c7d0883d7628d73db9a1b4ef4f96df3a2d59183ebb6881eaaf5c184912c80ce2a8f3dc72a2e606d3cd90
7
+ data.tar.gz: bd2fd69d3e94fbb4dfa9e81779afa17e623a7807e6da60ca3b5595e47cbcfabadd80ed24c5db004535b3e7bd8383e96f01c0b29cc04721e5f469b69f6b23f0e4
data/lib/soar_auditing_provider/auditing_provider.rb CHANGED
@@ -29,6 +29,7 @@ module SoarAuditingProvider
29
29
  create_auditing_worker
30
30
  @buffer_overflow_count = 0
31
31
  install_at_exit_handler
32
+ initialize_metrics
32
33
  end
33
34
 
34
35
  def select_auditor(nfrs)
@@ -68,13 +69,9 @@ module SoarAuditingProvider
68
69
  end
69
70
 
70
71
  def detailed_status
71
- { 'audit_buffer_overflows' => @buffer_overflow_count,
72
- 'startup_flow_id' => @startup_flow_id,
73
- 'failed_audit_attempts' => @worker.failed_audit_attempts,
74
- 'successful_audits' => @worker.successful_audits,
75
- 'total_audits' => @worker.total_audits,
76
- 'latest_audit_timespan' => @worker.latest_audit_timespan,
77
- 'latest_audit_timestamp' => @worker.latest_audit_timestamp }
72
+ detail = basic_status_detail
73
+ detail = detail.merge(verbose_status_detail) if @configuration['verbose_detail']
74
+ detail
78
75
  end
79
76
 
80
77
  def flush
@@ -113,6 +110,7 @@ module SoarAuditingProvider
113
110
 
114
111
  def enqueue(level, data)
115
112
  @worker.enqueue(level, data)
113
+ @enqueued_audit_events += 1
116
114
  rescue AuditingOverflowError
117
115
  increase_buffer_overflow_count
118
116
  $stderr.puts "Audit buffer full, unable to audit event : #{level} : #{data}"
@@ -160,5 +158,33 @@ module SoarAuditingProvider
160
158
  $stderr.puts 'Invalid auditor configuration'
161
159
  raise
162
160
  end
161
+
162
+ def initialize_metrics
163
+ @startup_timestamp = Time.now.utc.iso8601(3)
164
+ @enqueued_audit_events = 0
165
+ end
166
+
167
+ def verbose_status_detail
168
+ {
169
+ 'worker' => {
170
+ 'dequeued_audits' => @worker.dequeued_audits,
171
+ 'successful_audits' => @worker.successful_audits,
172
+ 'failed_audit_attempts' => @worker.failed_audit_attempts,
173
+ 'latest_successful_audit_timespan' => @worker.latest_successful_audit_timespan,
174
+ 'latest_successful_audit_timestamp' => @worker.latest_successful_audit_timestamp,
175
+ 'latest_failed_audit_timestamp' => @worker.latest_failed_audit_timestamp,
176
+ 'latest_failed_audit_error_message' => @worker.latest_failed_audit_error_message
177
+ }
178
+ }
179
+ end
180
+
181
+ def basic_status_detail
182
+ {
183
+ 'audit_buffer_overflows' => @buffer_overflow_count,
184
+ 'enqueued_audit_events' => @enqueued_audit_events,
185
+ 'startup_flow_id' => @startup_flow_id,
186
+ 'startup_timestamp' => @startup_timestamp
187
+ }
188
+ end
163
189
  end
164
190
  end
data/lib/soar_auditing_provider/auditing_worker.rb CHANGED
@@ -3,10 +3,12 @@ require 'soar_thread_worker/thread_worker'
3
3
  module SoarAuditingProvider
4
4
  class AuditingWorker < SoarThreadWorker::ThreadWorker
5
5
  attr_reader :failed_audit_attempts
6
+ attr_reader :latest_failed_audit_timestamp
7
+ attr_reader :latest_failed_audit_error_message
6
8
  attr_reader :successful_audits
7
- attr_reader :total_audits
8
- attr_reader :latest_audit_timespan
9
- attr_reader :latest_audit_timestamp
9
+ attr_reader :dequeued_audits
10
+ attr_reader :latest_successful_audit_timespan
11
+ attr_reader :latest_successful_audit_timestamp
10
12
 
11
13
  def initialize
12
14
  @queue = Queue.new
@@ -43,7 +45,7 @@ module SoarAuditingProvider
43
45
 
44
46
  def execute
45
47
  audit_event = @queue.pop
46
- @total_audits += 1
48
+ @dequeued_audits += 1
47
49
  failed_before = false
48
50
  begin
49
51
  if @stopping
@@ -53,7 +55,8 @@ module SoarAuditingProvider
53
55
  exponential_back_off(start_at_last_attempt: failed_before) {
54
56
  time_before_audit = Time.now
55
57
  @auditor_audit_method.call(audit_event[:level],audit_event[:data])
56
- @latest_audit_timespan = Time.now - time_before_audit
58
+ @latest_successful_audit_timespan = (Time.now - time_before_audit).round(3)
59
+ @latest_successful_audit_timestamp = Time.now.utc.iso8601(3)
57
60
  @successful_audits += 1
58
61
  }
59
62
  rescue Exception => e
@@ -61,7 +64,6 @@ module SoarAuditingProvider
61
64
  failed_before = true
62
65
  retry
63
66
  end
64
- @latest_audit_timestamp = Time.now.utc
65
67
  return false #indicates to thread worder that we are not done executing
66
68
  end
67
69
 
@@ -130,10 +132,12 @@ module SoarAuditingProvider
130
132
  end
131
133
  begin
132
134
  yield
133
- rescue StandardError
135
+ rescue StandardError => exception
134
136
  # Any exception derived from StandardError is assumed to be a failure and
135
137
  # attempted again until it completes without an exception or an exception
136
138
  # not derived from StandardError
139
+ @latest_failed_audit_error_message = "#{exception.class}: #{exception.message}"
140
+ @latest_failed_audit_timestamp = Time.now.utc.iso8601(3)
137
141
  @failed_audit_attempts += 1
138
142
  if ((attempt <= @maximum_back_off_attempts) and (not @stopping)) then
139
143
  sleep_unless_stopping(calculate_back_off_delay(attempt))
@@ -165,10 +169,12 @@ module SoarAuditingProvider
165
169
 
166
170
  def initialize_metrics
167
171
  @failed_audit_attempts = 0
172
+ @latest_failed_audit_timestamp = 0
168
173
  @successful_audits = 0
169
- @total_audits = 0
170
- @latest_audit_timespan = 0
171
- @latest_audit_timestamp = 0
174
+ @latest_successful_audit_timestamp = 0
175
+ @dequeued_audits = 0
176
+ @latest_successful_audit_timespan = 0
177
+ @latest_failed_audit_error_message = "None"
172
178
  end
173
179
  end
174
180
  end
data/lib/soar_auditing_provider/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module SoarAuditingProvider
2
- VERSION = "1.1.1"
2
+ VERSION = "1.1.2"
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: soar_auditing_provider
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.1
4
+ version: 1.1.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Ernst van Graan
@@ -9,7 +9,7 @@ authors:
9
9
  autorequire:
10
10
  bindir: exe
11
11
  cert_chain: []
12
- date: 2016-10-06 00:00:00.000000000 Z
12
+ date: 2016-10-10 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: bundler