Event Auditing
Name:
lib_log.inc
Synopsis:
shn_log_event()
Description:
This unit is used for auditing/logging purposes in Sahana2. If modules need auditing features, it is a matter of passing values through the functions provided here.
shn_log_event( $data_item_UUID=null, $comments, $details=null, $log_level=INFO, $sensitivity_level=NOT_SENSITIVE, $date_time=null, $module=null, $action=null, array $extra_opts=null )
Parameter description.
data_item_UUID
- The UUID of a data item which the log record is related to. (optional)comments
- A breif log messsage. (required)details
- A detailed log message. (optional)log_level
- The log levellog_sensitivity
- The sensitivity of this log message.date_time
- The date and time in the format returned by php date function - date(“Y-m-d H:i:s”)module
- The name of the module, if not specified (if null) it will be determined from $global['module']action
- The name of the action, if not specified (if null) it will be determined from $global['action']extra_opts
- any extra options as an associate array. This array will be parsed in to key-value pairs in the form of <key>value</key> and will be recorded as text.
eg. Longitude, Latitude, etc.
There are five levels of logging, namely
- INFO - Information log records.
- DEBUG - Debugging log records.
- WARN - Warnings
- ERROR - Errors
- FATAL - Fatal Errors
These levels are defined as constants in lib_log.inc
The log level defaults to INFO.
There are nine levels of log sensitivity.
- PERSON_SENSITIVE
- ORGANIZATION_SENSITIVE
- LEAGALLY_SENSITIVE
- NATIONAL_SECURITY_SENSITIVE
- SOCIALLY_SENSITIVE
- DISASTER_MITIGATION_SENSITIVE
- SYSTEM_SENSITIVE
- NOT_SENSITIVE
- UNCLASSIFIED
These levels are defined as constants in lib_log.inc
The senisitvity level defaults to NOT_SENSITIVE
Usage:
<?php // Sample code for demonstrate how to use loger... require_once("conf/config.inc"); // get the log level from Sahana2 main config file. require_once("inc/lib_database/db.inc"); // use DB libraries require_once("inc/lib_logger/logger.inc"); // use logger statement_01; statement_02; statement_03; ... statement_n; shn_log_event("UADD"); // calling the logger ?>
Name:
debug.inc
The default method of logging (to file or to database) can be configured in the sysconf.inc under $conf['default_logger']. \\The log messages will be printed as HTML if the configured logger cannot be created or not found.
A custom logger can be created by extending the class Logger and overriding the log_message() function.
log_message( $data_item_UUID=null, $comments, $details=null, $log_level, $sensitivity_level, $datetime, $module, $action, $ext_opt_str )
Usage:
The logging API MUST be used in the following and similar instances, additionally the module developer is free to use it else where.
- When a write commit is made to the database
- On a configuration change
- On a important event in the business logic of the module
- On an error
- On a security violation or suspicious action
The log messages should be recorded with the appropriate logging level, and sensitivity level, to make event audit more efficient.
Author:
Ravith Botejue.