schemeshard, auditlog: resurrect output to the common log

Add back audit output to the common log to ease transition to a new audit log format and a separate stream for auditlog consumers. KIKIMR-19265
author: ijon <ijon@ydb.tech> 2023-09-08 17:48:20 +0300
committer: ijon <ijon@ydb.tech> 2023-09-08 18:27:07 +0300
commit: b17bc80d6575f0315ff7c9080be206f4b5c7f12c (patch)
tree: 694f0996f8c01ddf2a6340d59027b65041aedc9d
parent: e15df84b09a86f909520fe070387fb6fe660c28e (diff)
download: ydb-b17bc80d6575f0315ff7c9080be206f4b5c7f12c.tar.gz
3 files changed, 52 insertions, 0 deletions
diff --git a/ydb/core/tx/schemeshard/schemeshard__operation.cpp b/ydb/core/tx/schemeshard/schemeshard__operation.cpp
index 8b94d22637..9b6c224ef6 100644
--- a/ydb/core/tx/schemeshard/schemeshard__operation.cpp
+++ b/ydb/core/tx/schemeshard/schemeshard__operation.cpp
@@ -277,6 +277,11 @@ struct TSchemeShard::TTxOperationPropose: public NTabletFlatExecutor::TTransacti
 
         AuditLogModifySchemeTransaction(record, Response->Record, Self, UserSID);
 
+        //NOTE: Double audit output into the common log as a way to ease
+        // transition to a new auditlog stream.
+        // Should be removed when no longer needed.
+        AuditLogModifySchemeTransactionDeprecated(record, Response->Record, Self, UserSID);
+
         const TActorId sender = Request->Sender;
         const ui64 cookie = Request->Cookie;
         ctx.Send(sender, Response.Release(), 0, cookie);
diff --git a/ydb/core/tx/schemeshard/schemeshard_audit_log.cpp b/ydb/core/tx/schemeshard/schemeshard_audit_log.cpp
index a0a0145ac9..0fb89a6bb0 100644
--- a/ydb/core/tx/schemeshard/schemeshard_audit_log.cpp
+++ b/ydb/core/tx/schemeshard/schemeshard_audit_log.cpp
@@ -118,4 +118,50 @@ void AuditLogModifySchemeTransaction(const NKikimrScheme::TEvModifySchemeTransac
     }
 }
 
+//NOTE: Resurrected a way to log audit records into the common log.
+// This should be dropped again as soon as auditlog consumers will switch to a proper way.
+void AuditLogModifySchemeTransactionDeprecated(const NKikimrScheme::TEvModifySchemeTransaction& request, const NKikimrScheme::TEvModifySchemeTransactionResult& response, TSchemeShard* SS, const TString& userSID) {
+    // Each TEvModifySchemeTransaction.Transaction is a self sufficient operation and should be logged independently
+    // (even if it was packed into a single TxProxy transaction with some other operations).
+    for (const auto& operation : request.GetTransaction()) {
+        auto logEntry = MakeAuditLogFragment(operation);
+
+        TPath databasePath = DatabasePathFromWorkingDir(SS, operation.GetWorkingDir());
+        auto peerName = request.GetPeerName();
+
+        auto entry = TStringBuilder();
+
+        entry << "txId: " << std::to_string(request.GetTxId());
+        if (!databasePath.IsEmpty()) {
+            entry << ", database: " << databasePath.GetDomainPathString();
+        }
+        entry << ", subject: " << userSID;
+        entry << ", status: " << NKikimrScheme::EStatus_Name(response.GetStatus());
+        if (response.HasReason()) {
+            entry << ", reason: " << response.GetReason();
+        }
+        entry << ", operation: " << logEntry.Operation;
+        if (logEntry.Paths.size() > 1) {
+            for (const auto& i : logEntry.Paths) {
+                entry << ", dst path: " << i;
+            }
+        } else if (logEntry.Paths.size() == 1) {
+            entry << ", path: " << logEntry.Paths.front();
+        } else {
+            entry << ", no path";
+        }
+        if (!logEntry.NewOwner.empty()) {
+            entry << ", set owner:" << logEntry.NewOwner;
+        }
+        for (const auto& i : logEntry.ACLAdd) {
+            entry << ", add access: " << i;
+        }
+        for (const auto& i : logEntry.ACLRemove) {
+            entry << ", add access: " << i;
+        }
+
+        LOG_NOTICE_S(TlsActivationContext->AsActorContext(), NKikimrServices::FLAT_TX_SCHEMESHARD, "AUDIT: " <<  entry);
+    }
+}
+
 }
diff --git a/ydb/core/tx/schemeshard/schemeshard_audit_log.h b/ydb/core/tx/schemeshard/schemeshard_audit_log.h
index f9db15179f..559099131b 100644
--- a/ydb/core/tx/schemeshard/schemeshard_audit_log.h
+++ b/ydb/core/tx/schemeshard/schemeshard_audit_log.h
@@ -12,5 +12,6 @@ namespace NKikimr::NSchemeShard {
 class TSchemeShard;
 
 void AuditLogModifySchemeTransaction(const NKikimrScheme::TEvModifySchemeTransaction& request, const NKikimrScheme::TEvModifySchemeTransactionResult& response, TSchemeShard* SS, const TString& userSID);
+void AuditLogModifySchemeTransactionDeprecated(const NKikimrScheme::TEvModifySchemeTransaction& request, const NKikimrScheme::TEvModifySchemeTransactionResult& response, TSchemeShard* SS, const TString& userSID);
 
 }
author	ijon <ijon@ydb.tech>	2023-09-08 17:48:20 +0300
committer	ijon <ijon@ydb.tech>	2023-09-08 18:27:07 +0300
commit	b17bc80d6575f0315ff7c9080be206f4b5c7f12c (patch)
tree	694f0996f8c01ddf2a6340d59027b65041aedc9d
parent	e15df84b09a86f909520fe070387fb6fe660c28e (diff)
download	ydb-b17bc80d6575f0315ff7c9080be206f4b5c7f12c.tar.gz