Merge 4b49713 into 8c8ed07

Author: UgnineSirdis

ydb/core/audit/audit_log_impl.cpp

@@ -73,7 +73,7 @@ void WriteLog(const TString& log, const TVector<THolder<TLogBackend>>& logBacken
                 log.length()
             ));
         } catch (const yexception& e) {
-            LOG_W("WriteLog: unable to write audit log (error: " << e.what() << ")");
+            LOG_E("WriteLog: unable to write audit log (error: " << e.what() << ")");
         }
     }
 }

ydb/core/log_backend/json_envelope.cpp

@@ -0,0 +1,88 @@
+#include "json_envelope.h"
+
+#include <util/charset/utf8.h>
+
+namespace NKikimr {
+
+const TStringBuf PLACEHOLDER = "%message%";
+
+void TJsonEnvelope::Parse() {
+    ReadJsonTree(TemplateString, &Value, true);
+    Parse(&Value);
+}
+
+void TJsonEnvelope::Parse(NJson::TJsonValue* value) {
+    switch (value->GetType()) {
+    case NJson::JSON_STRING: {
+            TReplace replace(value);
+            if (replace.Parse(value->GetStringSafe())) {
+                Replaces.emplace_back(std::move(replace));
+            }
+            break;
+        }
+    case NJson::JSON_ARRAY: {
+            for (NJson::TJsonValue& el : value->GetArraySafe()) {
+                Parse(&el);
+            }
+            break;
+        }
+    case NJson::JSON_MAP: {
+            for (auto& [key, el] : value->GetMapSafe()) {
+                Parse(&el);
+            }
+            break;
+        }
+    default:
+        break;
+    }
+}
+
+TString TJsonEnvelope::ApplyJsonEnvelope(const TStringBuf& message) {
+    if (!IsUtf(message)) {
+        throw std::runtime_error("Attempt to write non utf-8 string");
+    }
+
+    for (TReplace& replace : Replaces) {
+        replace.Apply(message);
+    }
+
+    TStringStream ss;
+    NJson::WriteJson(&ss, &Value, NJson::TJsonWriterConfig().SetValidateUtf8(true));
+    ss << Endl;
+    return ss.Str();
+}
+
+bool TJsonEnvelope::TReplace::Parse(const TString& replace) {
+    size_t pos = replace.find(PLACEHOLDER);
+    if (pos == TString::npos) {
+        return false;
+    }
+
+    if (pos != 0) {
+        ReplaceSequence.emplace_back(replace.substr(0, pos));
+    }
+    while (pos != TString::npos) {
+        ReplaceSequence.emplace_back(); // placeholder
+        if (pos + PLACEHOLDER.size() == replace.size()) {
+            break;
+        }
+        size_t next = replace.find(PLACEHOLDER, pos + PLACEHOLDER.size());
+        ReplaceSequence.emplace_back(replace.substr(pos + PLACEHOLDER.size(), next == TString::npos ? next : next - pos - PLACEHOLDER.size()));
+        pos = next;
+    }
+    return true;
+}
+
+void TJsonEnvelope::TReplace::Apply(const TStringBuf& message) {
+    TString result;
+    for (const TString& replace : ReplaceSequence) {
+        if (replace.empty()) {
+            result += message;
+        } else {
+            result += replace;
+        }
+    }
+    *Value = result;
+}
+
+} // namespace NKikimr

ydb/core/log_backend/json_envelope.h

@@ -0,0 +1,48 @@
+#pragma once
+#include <library/cpp/json/json_reader.h>
+#include <library/cpp/json/json_writer.h>
+
+#include <util/generic/string.h>
+
+#include <vector>
+
+namespace NKikimr {
+
+class TJsonEnvelope {
+public:
+    explicit TJsonEnvelope(const TString& templateString)
+        : TemplateString(templateString)
+    {
+        Parse(); // can throw
+    }
+
+    TJsonEnvelope() = delete;
+    TJsonEnvelope(const TJsonEnvelope&) = delete;
+    TJsonEnvelope(TJsonEnvelope&&) = delete;
+
+    TString ApplyJsonEnvelope(const TStringBuf& message);
+
+private:
+    void Parse();
+    void Parse(NJson::TJsonValue* value);
+
+private:
+    struct TReplace {
+        NJson::TJsonValue* Value = nullptr;
+        std::vector<TString> ReplaceSequence; // empty string for placeholder
+
+        TReplace(NJson::TJsonValue* value)
+            : Value(value)
+        {}
+
+        bool Parse(const TString& replace);
+        void Apply(const TStringBuf& message);
+    };
+
+private:
+    TString TemplateString;
+    NJson::TJsonValue Value;
+    std::vector<TReplace> Replaces;
+};
+
+} // namespace NKikimr

ydb/core/log_backend/json_envelope_ut.cpp

@@ -0,0 +1,63 @@
+#include "json_envelope.h"
+
+#include <library/cpp/json/json_reader.h>
+#include <library/cpp/json/json_writer.h>
+#include <library/cpp/testing/unittest/registar.h>
+
+namespace NKikimr {
+
+#define UNIT_ASSERT_JSONS_EQUAL(j1, j2) {                    \
+    const TString js1 = (j1), js2 = (j2);                    \
+    UNIT_ASSERT(!js1.empty());                               \
+    UNIT_ASSERT_C(js1.back() == '\n', js1);                  \
+    NJson::TJsonValue jv1, jv2;                              \
+    UNIT_ASSERT(ReadJsonTree(j1, &jv1));                     \
+    UNIT_ASSERT(ReadJsonTree(j2, &jv2));                     \
+    const TString jsn1 = NJson::WriteJson(&jv1, true, true); \
+    const TString jsn2 = NJson::WriteJson(&jv2, true, true); \
+    UNIT_ASSERT_VALUES_EQUAL(jsn1, jsn2);                    \
+}
+
+Y_UNIT_TEST_SUITE(JsonEnvelopeTest) {
+    Y_UNIT_TEST(Replace) {
+        TJsonEnvelope env(R"json({
+            "a": "b",
+            "m": "abc%message%def - %message%!",
+            "subfield": {
+                "s": "% message %",
+                "t": "%Message%",
+                "m": "%message%",
+                "x": 42,
+                "a": [
+                    42,
+                    "42: %message%"
+                ]
+            }
+        })json");
+
+        UNIT_ASSERT_JSONS_EQUAL(env.ApplyJsonEnvelope("msg"), R"json({"a":"b","m":"abcmsgdef - msg!","subfield":{"s":"% message %","t":"%Message%","m":"msg","x":42,"a":[42,"42: msg"]}})json");
+        UNIT_ASSERT_JSONS_EQUAL(env.ApplyJsonEnvelope("xyz"), R"json({"a":"b","m":"abcxyzdef - xyz!","subfield":{"s":"% message %","t":"%Message%","m":"xyz","x":42,"a":[42,"42: xyz"]}})json");
+    }
+
+    Y_UNIT_TEST(Escape) {
+        TJsonEnvelope env(R"json({
+            "a": "%message%"
+        })json");
+
+        UNIT_ASSERT_JSONS_EQUAL(env.ApplyJsonEnvelope("msg"), R"json({"a":"msg"})json");
+        UNIT_ASSERT_JSONS_EQUAL(env.ApplyJsonEnvelope("\"\n\""), R"json({"a":"\"\n\""})json");
+    }
+
+    Y_UNIT_TEST(BinaryData) {
+        TJsonEnvelope env(R"json({
+            "a": "%message%"
+        })json");
+
+        const ui64 binaryData = 0xABCDEFFF87654321;
+        const TStringBuf data(reinterpret_cast<const char*>(&binaryData), sizeof(binaryData));
+        UNIT_ASSERT_EXCEPTION(env.ApplyJsonEnvelope(data), std::exception);
+        UNIT_ASSERT_JSONS_EQUAL(env.ApplyJsonEnvelope("text"), R"json({"a":"text"})json");
+    }
+}
+
+} // namespace NKikimr

ydb/core/log_backend/log_backend.cpp

@@ -1,9 +1,52 @@
 #include "log_backend.h"
+#include "json_envelope.h"
 #include "log_backend_build.h"
 #include <ydb/core/base/counters.h>
 
+#include <util/system/mutex.h>
+
 namespace NKikimr {
 
+class TLogBackendWithJsonEnvelope : public TLogBackend {
+public:
+    TLogBackendWithJsonEnvelope(const TString& jsonEnvelope, THolder<TLogBackend> logBackend)
+        : JsonEnvelope(jsonEnvelope)
+        , LogBackend(std::move(logBackend))
+    {}
+
+    void WriteData(const TLogRecord& rec) override {
+        TString data;
+        TLogRecord record = rec;
+        with_lock (Mutex) {
+            data = JsonEnvelope.ApplyJsonEnvelope(TStringBuf(record.Data, record.Len));
+        }
+        record.Data = data.data();
+        record.Len = data.size();
+        LogBackend->WriteData(record);
+    }
+
+    void ReopenLog() override {
+        LogBackend->ReopenLog();
+    }
+
+    void ReopenLogNoFlush() override {
+        LogBackend->ReopenLogNoFlush();
+    }
+
+    ELogPriority FiltrationLevel() const override {
+        return LogBackend->FiltrationLevel();
+    }
+
+    size_t QueueSize() const override {
+        return LogBackend->QueueSize();
+    }
+
+private:
+    TJsonEnvelope JsonEnvelope;
+    THolder<TLogBackend> LogBackend;
+    TMutex Mutex;
+};
+
 TAutoPtr<TLogBackend> CreateLogBackendWithUnifiedAgent(
         const TKikimrRunConfig& runConfig,
         NMonitoring::TDynamicCounterPtr counters)
@@ -127,36 +170,46 @@ TAutoPtr<TLogBackend> CreateAuditLogUnifiedAgentBackend(
     return logBackend;
 }
 
+THolder<TLogBackend> MaybeWrapWithJsonEnvelope(THolder<TLogBackend> logBackend, const TString& jsonEnvelope) {
+    if (jsonEnvelope.empty() || !logBackend) {
+        return logBackend;
+    }
+
+    return MakeHolder<TLogBackendWithJsonEnvelope>(jsonEnvelope, std::move(logBackend));
+}
+
 TMap<NKikimrConfig::TAuditConfig::EFormat, TVector<THolder<TLogBackend>>> CreateAuditLogBackends(
         const TKikimrRunConfig& runConfig,
         NMonitoring::TDynamicCounterPtr counters) {
     TMap<NKikimrConfig::TAuditConfig::EFormat, TVector<THolder<TLogBackend>>> logBackends;
-    if (runConfig.AppConfig.HasAuditConfig() && runConfig.AppConfig.GetAuditConfig().HasStderrBackend()) {
-        auto logBackend = NActors::CreateStderrBackend();
-        auto format = runConfig.AppConfig.GetAuditConfig().GetStderrBackend().GetFormat();
-        logBackends[format].push_back(std::move(logBackend));
-    }
 
-    if (runConfig.AppConfig.HasAuditConfig() && runConfig.AppConfig.GetAuditConfig().HasFileBackend()) {
-        auto logBackend = CreateAuditLogFileBackend(runConfig);
-        if (logBackend) {
-            auto format = runConfig.AppConfig.GetAuditConfig().GetFileBackend().GetFormat();
+    if (runConfig.AppConfig.HasAuditConfig()) {
+        const auto& auditConfig = runConfig.AppConfig.GetAuditConfig();
+        if (auditConfig.HasStderrBackend()) {
+            auto logBackend = MaybeWrapWithJsonEnvelope(NActors::CreateStderrBackend(), auditConfig.GetStderrBackend().GetLogJsonEnvelope());
+            auto format = auditConfig.GetStderrBackend().GetFormat();
             logBackends[format].push_back(std::move(logBackend));
         }
-    }
 
-    if (runConfig.AppConfig.HasAuditConfig() && runConfig.AppConfig.GetAuditConfig().HasUnifiedAgentBackend()) {
-        auto logBackend = CreateAuditLogUnifiedAgentBackend(runConfig, counters);
-        if (logBackend) {
-            auto format = runConfig.AppConfig.GetAuditConfig().GetUnifiedAgentBackend().GetFormat();
-            logBackends[format].push_back(std::move(logBackend));
+        if (auditConfig.HasFileBackend()) {
+            auto logBackend = MaybeWrapWithJsonEnvelope(CreateAuditLogFileBackend(runConfig), auditConfig.GetFileBackend().GetLogJsonEnvelope());
+            if (logBackend) {
+                auto format = auditConfig.GetFileBackend().GetFormat();
+                logBackends[format].push_back(std::move(logBackend));
+            }
         }
-    }
 
+        if (auditConfig.HasUnifiedAgentBackend()) {
+            auto logBackend = MaybeWrapWithJsonEnvelope(CreateAuditLogUnifiedAgentBackend(runConfig, counters), auditConfig.GetUnifiedAgentBackend().GetLogJsonEnvelope());
+            if (logBackend) {
+                auto format = auditConfig.GetUnifiedAgentBackend().GetFormat();
+                logBackends[format].push_back(std::move(logBackend));
+            }
+        }
+    }
 
     return logBackends;
 }
 
 
 } // NKikimr
-

ydb/core/log_backend/ut/ya.make

@@ -0,0 +1,7 @@
+UNITTEST_FOR(ydb/core/log_backend)
+
+SRCS(
+    json_envelope_ut.cpp
+)
+
+END()

ydb/core/log_backend/ya.make

@@ -1,6 +1,7 @@
 LIBRARY()
 
 SRCS(
+    json_envelope.cpp
     log_backend.cpp
     log_backend.h
     log_backend_build.cpp
@@ -15,3 +16,7 @@ PEERDIR(
 YQL_LAST_ABI_VERSION()
 
 END()
+
+RECURSE_FOR_TESTS(
+    ut
+)

ydb/core/protos/config.proto

@@ -1455,16 +1455,19 @@ message TAuditConfig {
 
     message TStderrBackend {
         optional EFormat Format = 1 [default = JSON];
+        optional string LogJsonEnvelope = 2; // Json template with text field containing %message% placeholder. For example {"my_enveloped_message": "%message%"}. %message% will be replaced with real audit log message
     }
 
     message TFileBackend {
         optional EFormat Format = 1 [default = JSON];
         optional string FilePath = 2;
+        optional string LogJsonEnvelope = 3; // Json template with text field containing %message% placeholder. For example {"my_enveloped_message": "%message%"}. %message% will be replaced with real audit log message
     }
 
     message TUnifiedAgentBackend {
         optional EFormat Format = 1 [default = JSON];
         optional string LogName = 2;
+        optional string LogJsonEnvelope = 3; // Json template with text field containing %message% placeholder. For example {"my_enveloped_message": "%message%"}. %message% will be replaced with real audit log message
     }
 
     optional TStderrBackend StderrBackend = 1;