Write connection timestamp to the audit logs
Diff
Cargo.lock | 28 ++++++++++++++++++++++++++++
Cargo.toml | 1 +
src/audit.rs | 4 ++++
3 files changed, 33 insertions(+)
@@ -853,6 +853,7 @@ dependencies = [
"shlex",
"thrussh",
"thrussh-keys",
"time",
"tokio",
"toml",
"tracing",
@@ -1248,6 +1249,33 @@ dependencies = [
]
[[package]]
name = "time"
version = "0.3.22"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ea9e1b3cf1243ae005d9e74085d4d542f3125458f3a81af210d901dcd7411efd"
dependencies = [
"itoa",
"serde",
"time-core",
"time-macros",
]
[[package]]
name = "time-core"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb"
[[package]]
name = "time-macros"
version = "0.2.9"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "372950940a5f07bf38dbe211d7283c9e6d7327df53794992d293e534c733d09b"
dependencies = [
"time-core",
]
[[package]]
name = "tokio"
version = "1.28.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -17,6 +17,7 @@ serde_json = "1.0"
shlex = "1.1"
thrussh = "0.34"
thrussh-keys = "0.22"
time = { version = "0.3", features = ["serde", "formatting"] }
tokio = { version = "1.28", features = ["full"] }
toml = "0.7"
tracing = "0.1"
@@ -7,6 +7,7 @@ use std::{
sync::Arc,
time::{Duration, Instant},
};
use time::OffsetDateTime;
use tokio::{
fs::OpenOptions,
io::{AsyncWriteExt, BufWriter},
@@ -66,6 +67,8 @@ pub fn start_audit_writer(
#[derive(Serialize)]
pub struct AuditLog {
pub connection_id: Uuid,
#[serde(with = "time::serde::rfc3339")]
pub ts: OffsetDateTime,
pub peer_address: Option<SocketAddr>,
pub environment_variables: Vec<(Box<str>, Box<str>)>,
pub events: Vec<AuditLogEvent>,
@@ -77,6 +80,7 @@ impl Default for AuditLog {
fn default() -> Self {
Self {
connection_id: Uuid::default(),
ts: OffsetDateTime::now_utc(),
peer_address: None,
environment_variables: vec![],
events: vec![],