This C++ plugin provides the iRODS platform a rule engine that can emit a single AMQP 1.0 message to the configured topic for every policy enforcement point (PEP) encountered by the iRODS server.
Building the iRODS Audit Rule Engine Plugin requires iRODS 4.3.0+ (http://github.com/irods/irods).
This plugin requires the iRODS development and runtime packages to be installed on the build machine.
Also, use the iRODS-built CMake (or CMake 3.11+):
export PATH=/opt/irods-externals/cmake3.21.4-0/bin:$PATH
cd irods_rule_engine_plugin_audit_amqp
mkdir build
cd build
cmake ../
make package
The packages produced by CMake will install the Audit plugin shared object file:
/usr/lib/irods/plugins/rule_engines/libirods_rule_engine_plugin-audit_amqp.so
After installing the plugin, /etc/irods/server_config.json needs to be configured to use the plugin.
Add a new stanza to the "rule_engines" array within server_config.json:
{
"instance_name": "irods_rule_engine_plugin-audit_amqp-instance",
"plugin_name": "irods_rule_engine_plugin-audit_amqp",
"plugin_specific_configuration" : {
"amqp_location" : "ANONYMOUS@localhost:5672",
"amqp_topic" : "audit_messages",
"pep_regex_to_match" : "pep_.+"
}
}Further information on this plugin is described in the slide deck available here: http://slides.com/irods/ugm2016-auditing-rule-engine-amqp
Citations:
Hao Xu, Jason Coposky, Ben Keller, Terrell Russell (2015) Pluggable Rule Engine Architecture. 7th iRODS User Group Meeting, University of North Carolina at Chapel Hill. June 2015. (PDF)
Hao Xu, Jason Coposky, Dan Bedard, Jewel H. Ward, Terrell Russell, Arcot Rajasekar, Reagan Moore, Ben Keller, Zoey Greer (2015) A Method for the Systematic Generation of Audit Logs in a Digital Preservation Environment and Its Experimental Implementation In a Production Ready System. 12th International Conference on Digital Preservation, University of North Carolina at Chapel Hill. November 2-6, 2015. (PDF) (direct link)