Package org.graylog2.audit.formatter
Interface FormattedAuditEvent
public interface FormattedAuditEvent
-
Method Summary
Modifier and TypeMethodDescriptionaction()
The audit event action.actorUrn()
The audit event actor as URN string.The audit event attributes that will be stored in the database.The message template string that will be used to present the audit event to humans.The audit event namespace.The audit event object as URN.
-
Method Details
-
actorUrn
String actorUrn()The audit event actor as URN string. UseAuditActor.urn()
to build the URN! Examples:urn:graylog:user:jane
urn:graylog:node:28164cbe-4ad9-4c9c-a76e-088655aa7889
- Returns:
- the actor URN
-
namespace
String namespace()The audit event namespace. Each plugin should have its own, unique namespace. The Graylog server namespace isserver
.- Returns:
- namespace string
-
objectUrn
String objectUrn()The audit event object as URN. Examples:urn:graylog:dashboard:56f2fdefa0275b357744230c:widget:57ab37cc67d0cb54582d43a0
urn:graylog:message_input:56f2fdefa0275b357744230c
urn:graylog:pipeline-rule:57ab37cc67d0cb54582d43a0
- Returns:
- the object URN
-
action
String action()The audit event action. A simple string that identifies the action for the object. Examples:create
delete
update
start
stop
- Returns:
- the action
-
messageTemplate
String messageTemplate()The message template string that will be used to present the audit event to humans. All data inattributes()
as well as the following fields can be used as variables.- actor
- namespace
- object
- action
"Message input ${input_name} created"
- Returns:
-
attributes
The audit event attributes that will be stored in the database. All information that is needed by themessageTemplate()
should be in here. Make sure you do not store any sensitive information like passwords and API tokens!- Returns:
- the audit event attributes
-