0
Under review

Improved logging format

Steve Shipway 10 months ago • updated by Nils Laumaillé 10 months ago 1

The current logging (to syslog) is pretty basic.  It would be helpful if it were expanded to a more parseable format , eg JSON.  Also, when copying to clipboard, only the item number is recorded.


Current logging format example:


Mar 22 00:54:55 localhost teampass: The password of Item #11 was copied to clipboard by steves.
Mar 22 13:55:13 localhost teampass: The Item anotheritem was at_shown by steves
Mar 22 13:55:26 localhost teampass: The Item foo was at_shown by steves
Mar 22 13:55:30 localhost teampass: The Item foo was at_modification by steves at_description


This would be better in the following format:


Mar 22 00:54:55 localhost teampass: action=copy attribute=password itemno=11 user=steves itemname="anotheritem"

Mar 22 13:55:13 localhost teampass: action=show itemno=11 user=steves itemname="anotheritem"

Mar 22 13:55:26 localhost teampass: action=show itemno=19 user=steves itemname="foo"

Mar 22 13:55:30 localhost teampass: action=modify attribute=description itemno=19 user=steves itemname="foo"

This format is clearer and can easily be parsed by audit tools e.g. Logstash, rsyslog, for later reporting.


In addition, we should be able to specify the Syslog Facility and Severity codes, as these logs may want to be assigned to auth/info for example.