feat: ocsf audit logging #1089
feat: ocsf audit logging #1089
Conversation
|
I think this is great. Being a existing format honestly feels this is better than our JSON format or the modsec one which I am not 100% sure fits in modern tooling. My only request here is that we should avoid changing the transaction to support a format. Audit log formats are pluggable and we should be able to either do everything with what we have or extend what we have to support new use cases but that does not include changing the internal API. |
|
Hey @durg78 ! We updated go to >= 1.21 today, if you want to rebase. |
Sync with corazawaf/coraza
Sync with main
I just now saw this. I'm working on the rebase now. |
…8/coraza into feature/OCSF_Audit_Logging
chore(goversion): upgrade minimum version to 1.22 (corazawaf#1145)
|
Would you mind rebasing the PR to fix the conflict and bringing in TinyGo's latest version (#1148 has been merged a few days ago)? I'm curious to see if the Tiny go test now works good |
|
Checks are passing now! 🎉 |
Co-authored-by: Matteo Pace <pace.matteo96@gmail.com>
…8/coraza into feature/OCSF_Audit_Logging
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
Time to merge! |
|
Amazing work! |
Added OCSF (version 1.2.0) audit log format utilizing github.com/valllabh/ocsf-schema-golang.
The dependency for golangci-lint was updated from 1.54 to 1.59.1. Lint test was crashing, and updating it resolved the issue.
ocsf-schema-golang required an update from go 1.20 to 1.22. Consequently, reflect.StringHeader (used in internal/corazawaf/rule.go) was deprecated in go 1.21. This was causing lint check failures. I have created an exception for now, but this will need to be addressed.