# SoarAuditingProvider This gem provides the auditing API that audit providers for the SOAR architecture should adhere to. Providers are initialized with a list of auditors (already configured) and their configurations, which include the NFRs they support (key: 'nfrs'), and is responsible for selecting an auditor given a set of NFRs. Such selection is made by calling the select(nfrs) method. The auditing API as set out below then delegates auditing actions to the selected auditor. The API provides default delegation behaviour that calls the API methods verbatim on the auditor. NFRs can be anything you want. You can ask the auditing provider to select an auditor based on a set of NFRs. The default behaviour is that the first auditor which matches all NFRs exactly is returned. You can override this behaviour by overriding the select(nfrs) method. If you'd simply like the auditing provider to use the first (perhaps only?) auditor that it knows about, you can tell it to select DEFAULT so: auditor = auditing_provider.select(SoarAuditingProvider::AuditingProviderAPI::DEFAULT) ## Installation Add this line to your application's Gemfile: ```ruby gem 'soar_auditing_provider' ``` And then execute: $ bundle Or install it yourself as: $ gem install soar_auditing_provider ## Usage Extend the SoarAuditingProvider::AuditingProviderAPI to create a new auditing provider, or instantiate the API directly for an out-of-the-box auditing provider with default behaviour. ``` class MyAuditingProvider < SoarAuditingProvider::AuditingProviderAPI end ``` or ``` auditor_provider = SoarAuditingProvider::AuditingProviderAPI.new(auditors) ``` Initialize the provider so: ``` auditor = MyAuditor.new auditor_nfrs = { 'nfrs' => { 'accessibility' => 'local' }, 'privacy' => 'not encrypted' } @iut = MyAuditingProvider.new( { auditor => auditor_nfrs } ) ``` Select an auditor and audit using the API methods. The auditing provider remembers your selection, e.g.: ``` @iut.select( {'accessibility' => 'local' }) @iut.info("This is info") @iut.debug(some_debug_object) @iut.warn("Statistics show that dropped packets have increased to #{dropped}%") @iut.error("Could not resend some dropped packets. They have been lost. All is still OK, I could compensate") @iut.fatal("Unable to perform action, too many dropped packets. Functional degradation.") @iut << 'Rack::CommonLogger requires this' ``` Alternatively, to use different auditors for different sets of NFRs in the same code, do as below. The auditing provider remembers the last auditor selected. ``` auditor_A = @iut.select( {'my nfr 1' => 'criteria 1' }) auditor_B = @iut.select( {'my nfr 2' => 'criteria 2' }) auditor_A.debug('debug') auditor_B.warn('warn') @iut.error('error') # Uses auditor_B since it was selected last ``` The API also supports appending as below, enabling support, e.g. for Rack::CommonLogger, etc.: ``` << ``` ## Detailed example ``` require 'log4r' require 'soar_auditing_provider' class Main include Log4r def test_sanity auditor = Logger.new 'sanity' auditor.outputters = Outputter.stdout @iut = SoarAuditingProvider::AuditingProviderAPI.new( { auditor => { 'nfrs' => {'accessibility' => 'local'} } } ) @iut.select(SoarAuditingProvider::AuditingProviderAPI::DEFAULT) some_debug_object = 123 @iut.info("This is info") @iut.debug(some_debug_object) dropped = 95 @iut.warn("Statistics show that dropped packets have increased to #{dropped}%") @iut.error("Could not resend some dropped packets. They have been lost. All is still OK, I could compensate") @iut.fatal("Unable to perform action, too many dropped packets. Functional degradation.") @iut << 'Rack::CommonLogger requires this' end end main = Main.new main.test_sanity ``` ## Contributing Bug reports and feature requests are welcome by email to ernst dot van dot graan at hetzner dot co dot za. This gem is sponsored by Hetzner (Pty) Ltd (http://hetzner.co.za) ## Notes Though out of scope for the provider, auditors should take into account encoding, serialization, and other NFRs. ## License The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).