Elasticsearch Auditing(es的審計功能)
在Spring Data Elasticsearch中,提供了審計功能。即資料的建立人、建立時間、最後修改人等等,都是可以記錄追蹤的。本文示例如何使用es的審計功能。
目錄
一、資料實體類實現Persistable介面
package cn.jack.elasticsearchdemo.domain;
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.elasticsearch.client.security.user.User;
import org.springframework.data.annotation.*;
import org.springframework.data.domain.Persistable;
import org.springframework.data.elasticsearch.annotations.DateFormat;
import org.springframework.data.elasticsearch.annotations.Document;
import org.springframework.data.elasticsearch.annotations.Field;
import org.springframework.data.elasticsearch.annotations.FieldType;
import java.time.Instant;
import java.util.List;
@Data
@AllArgsConstructor
@NoArgsConstructor
@Document(indexName = "jack_person")
@TypeAlias("human")
public class Person implements Persistable<String> {
@Id
private String id;
@Field(fielddata = true)
private String name;
private String gender;
private Book book;
private List<String> hobbies;
@Transient
private String abc;
// ========= 審計需要的相關欄位 =========
@Field(type = FieldType.Date, format = DateFormat.basic_date_time)
@CreatedDate
private Instant createdDate;
@CreatedBy
private User createdBy;
@Field(type = FieldType.Date, format = DateFormat.basic_date_time)
@LastModifiedDate
private Instant lastModifiedDate;
@LastModifiedBy
private User lastModifiedBy;
/**
* to determine if an enitity is new in Elasticsearch
* @return
*/
@Override
public boolean isNew() {
return id == null
|| (createdDate == null && createdBy == null);
}
}
二、提供AuditorAware
提供AuditorAware,讓審計模組知道當前是誰在操作。
package cn.jack.elasticsearchdemo.config;
import org.elasticsearch.client.security.user.User;
import org.springframework.data.domain.AuditorAware;
import org.springframework.stereotype.Component;
import java.util.Arrays;
import java.util.Optional;
@Component // 交由spring管理,否則無法獲取使用者資訊
public class EsAuditorAware implements AuditorAware<User> {
@Override
public Optional<User> getCurrentAuditor() {
// 模擬獲取當前使用者
User user = new User("jack", Arrays.asList("ROLE_ADMIN"));
return Optional.ofNullable(user);
/**
* 如果許可權模組使用的是Spring Security,可以使用以下程式碼獲取當前使用者
*/
/*return Optional.ofNullable(SecurityContextHolder.getContext())
.map(SecurityContext::getAuthentication)
.filter(Authentication::isAuthenticated)
.map(Authentication::getPrincipal)
.map(User.class::cast);*/
}
}
三、啟用審計功能
在java config配置類,或者application主類上,通過@EnableElasticsearchAuditing註解啟用審計功能。
package cn.jack.elasticsearchdemo;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
import org.springframework.context.annotation.Bean;
import org.springframework.data.elasticsearch.client.ClientConfiguration;
import org.springframework.data.elasticsearch.client.reactive.ReactiveElasticsearchClient;
import org.springframework.data.elasticsearch.client.reactive.ReactiveRestClients;
import org.springframework.data.elasticsearch.config.EnableElasticsearchAuditing;
import org.springframework.data.elasticsearch.repository.config.EnableElasticsearchRepositories;
import org.springframework.http.HttpHeaders;
import java.time.Duration;
import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
@SpringBootApplication(exclude = DataSourceAutoConfiguration.class) // 專案沒有用到關係型資料庫,排除此類,避免啟動異常
@EnableElasticsearchRepositories(basePackages = "cn.jack.elasticsearchdemo.repository") // dao所在包名,不加此配置則需要每個dao都加上@Repository註解交由spring管理
@EnableElasticsearchAuditing // 啟用審計功能
public class ElasticsearchdemoApplication {
public static void main(String[] args) {
SpringApplication.run(ElasticsearchdemoApplication.class, args);
}
}
四、測試
使用junit進行單元測試。
@RunWith(SpringRunner.class)
@SpringBootTest(classes = ElasticsearchdemoApplication.class)
@Slf4j
public class EsTest {
@Autowired
private PersonRepository personRepository;
@Test
public void testAuditing() {
Person person = new Person();
person.setName("審計測試5");
this.personRepository.save(person);
System.out.println(person);
try {
Thread.sleep(1000);
} catch (InterruptedException e) {
e.printStackTrace();
}
person.setHobbies(Arrays.asList("跳舞"));
this.personRepository.save(person);
System.out.println(person);
}
}
通過控制檯輸出可以確定,審計功能生效。
Person(id=Ozxk_XQBrwRoe5ExL8Fn, name=審計測試5, gender=null, book=null, hobbies=null, abc=null, createdDate=2020-10-06T10:10:35.418001600Z, createdBy=User[username=jack,roles=[ROLE_ADMIN],metadata={},fullName=null,email=null], lastModifiedDate=2020-10-06T10:10:35.418001600Z, lastModifiedBy=User[username=jack,roles=[ROLE_ADMIN],metadata={},fullName=null,email=null])
Person(id=Ozxk_XQBrwRoe5ExL8Fn, name=審計測試5, gender=null, book=null, hobbies=[跳舞], abc=null, createdDate=2020-10-06T10:10:35.418001600Z, createdBy=User[username=jack,roles=[ROLE_ADMIN],metadata={},fullName=null,email=null], lastModifiedDate=2020-10-06T10:10:36.617001600Z, lastModifiedBy=User[username=jack,roles=[ROLE_ADMIN],metadata={},fullName=null,email=null])
相關文章
- Kubernetes 審計(Auditing)
- 基於值的審計(value-based auditing)
- Oracle 12c 統一審計(Unified Auditing)OracleNifi
- ORACLE的 審計功能Oracle
- Fine-Grained Auditing test (精細審計:FGA測試)AI
- Oracle 審計功能Oracle
- MySQL審計功能MySql
- oracle審計功能Oracle
- 初識ORACLE的審計功能Oracle
- 開啟Oracle的審計功能Oracle
- Oracle FGA審計功能Oracle
- Oracle Database標準審計和細粒度審計功能OracleDatabase
- 關於oracle審計功能Oracle
- mysql啟用審計功能MySql
- LINUX AS 5 審計功能Linux
- Elasticsearch(ES)叢集的搭建Elasticsearch
- 【Mysql】mysql開啟審計功能MySql
- Oracle audit 審計功能說明Oracle
- oracle10g 審計功能Oracle
- oracle9i審計功能的開啟和審計策略的設定方法Oracle
- Oracle Audit 審計功能的認識與使用Oracle
- 關於oracle11g的審計功能Oracle
- CQ Tech | 解析 CloudQuery 審計分析功能Cloud
- 【實驗】【審計】【FGA】使用Oracle的審計功能監控資料庫中的可疑操作Oracle資料庫
- 財務軟體的審計功能怎麼用
- 快速實現oracle10g的審計功能Oracle
- 【FGA】將FGA細粒度審計功能的審計結果記錄在資料庫中資料庫
- 【FGA】將FGA細粒度審計功能的審計結果記錄在XML檔案中XML
- go-mysql-es同步elasticsearchGoMySqlElasticsearch
- MySQL5.7審計功能windows系統MySqlWindows
- 開啟mysql 資料庫審計功能。MySql資料庫
- oracle 11g 系統審計功能Oracle
- Oracle資料庫審計功能介紹Oracle資料庫
- oracle 11g 關閉審計功能Oracle
- ORACLE SYSTEM表空間異常與審計的功能Oracle
- Elasticsearch(ES)分詞器的那些事兒Elasticsearch分詞
- Standard Database AuditingDatabase
- Auditing Database AccessDatabase